CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,016 vulnerabilities with CWE-434
CVE-2024-5853 CRITICAL
Sirv < 7.2.7 - Unrestricted File Upload
CVSS 9.9
CVE-2024-3229 CRITICAL
Salonbookingsystem Salon Booking System - Unrestricted File Upload
CVSS 9.8
CVE-2024-2381 HIGH
Ali2woo Aliexpress Dropshipping With ... - Unrestricted File Upload
CVSS 8.8
CVE-2024-6116 HIGH
Clivedelacruz Simple Online Hotel Res... - Unrestricted File Upload
CVSS 7.3
CVE-2024-6115 HIGH
Clivedelacruz Simple Online Hotel Res... - Unrestricted File Upload
CVSS 7.3
CVE-2024-6114 HIGH
Janobe Monbela Tourist Inn Online Res... - Unrestricted File Upload
CVSS 7.3
CVE-2024-6110 HIGH
Janobe Magbanua Beach Resort Online R... - Unrestricted File Upload
CVSS 7.3
CVE-2024-6084 HIGH
Janobe Pool OF Bethesda Online Reserv... - Unrestricted File Upload
CVSS 7.3
CVE-2024-6083 MEDIUM
Phpvibe - Unrestricted File Upload
CVSS 6.3
CVE-2024-34833 CRITICAL
Oretnom23 Payroll Management System - Unrestricted File Upload
CVSS 9.8
CVE-2024-3912 CRITICAL
ASUS Router - RCE
CVSS 9.8
CVE-2024-31161 HIGH
Asus Download Master < 3.1.0.114 - Unrestricted File Upload
CVSS 7.2
CVE-2024-31777 CRITICAL
openeclass <3.15 - RCE
CVSS 9.8
CVE-2024-36396 HIGH
Verint - Buffer Overflow
CVSS 8.8
CVE-2024-34110 HIGH
Adobe Commerce <2.4.7 - RCE
CVSS 7.2
CVE-2024-1659 CRITICAL
Megabip < 5.10 - Unrestricted File Upload
CVSS 9.8
CVE-2024-34683 MEDIUM
SAP Document Builder - Unrestricted File Upload
CVSS 6.5
CVE-2024-36415 CRITICAL
SuiteCRM <7.14.4-8.6.1 - RCE
CVSS 9.1
CVE-2024-35746 CRITICAL
Buddypress Cover < 2.1.4.2 - Unrestricted File Upload
CVSS 10.0
CVE-2024-5745 HIGH
Bakery Online Ordering System - Unrestricted File Upload
CVSS 7.3
CVE-2024-5734 MEDIUM
Online Discussion Forum - Unrestricted File Upload
CVSS 6.3
CVE-2024-36774 HIGH
Monstra CMS <3.0.4 - RCE
CVSS 7.2
CVE-2024-5278 MEDIUM
Gaizhenbiao Chuanhuchatgpt < 20240919 - Unrestricted File Upload
CVSS 6.1
CVE-2024-37273 CRITICAL
Homebrew Jan - Code Injection
CVSS 9.8
CVE-2024-36858 CRITICAL
Jan v0.4.12 - RCE
CVSS 9.8
Details
Vulnerabilities 4,016
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits