CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,016 vulnerabilities with CWE-434
CVE-2024-31351 CRITICAL
Copymatic < 1.7 - Unrestricted File Upload
CVSS 10.0
CVE-2024-4966 HIGH
SourceCodester SchoolWebTech 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2024-4964 MEDIUM
D-Link DAR-7000-40 - Unrestricted Upload
CVSS 6.3
CVE-2024-4963 MEDIUM
D-Link DAR-7000-40 - Unrestricted Upload
CVSS 6.3
CVE-2024-4962 MEDIUM
D-Link DAR-7000-40 V31R02B1413C - Unrestricted Upload
CVSS 6.3
CVE-2024-4961 MEDIUM
D-Link DAR-7000-40 - Unrestricted Upload
CVSS 6.3
CVE-2024-4960 MEDIUM
D-Link DAR-7000-40 V31R02B1413C - Unrestricted Upload
CVSS 6.3
CVE-2024-4946 MEDIUM
SourceCodester Online Art Gallery Management System 1.0 - Unrestric...
CVSS 6.3
CVE-2024-4945 MEDIUM
SourceCodester Best Courier Management System 1.0 - Unrestricted Up...
CVSS 4.3
CVE-2024-4927 HIGH
SourceCodester Simple Online Bidding System 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2024-4923 MEDIUM
Codezips E-Commerce Site 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2024-4921 MEDIUM
SourceCodester Employee and Visitor Gate Pass Logging System 1.0 - ...
CVSS 6.3
CVE-2024-4920 HIGH
SourceCodester Online Discussion Forum Site 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2024-4904 MEDIUM
Byzoro Smart S200 Management Platform <20240507 - Unrestricted Upload
CVSS 6.3
CVE-2024-34913 MEDIUM
Technocking R-pan-scaffolding < 5.0 - XSS
CVSS 5.4
CVE-2024-34909 MEDIUM
Kykms < 1.0.1 - XSS
CVSS 5.4
CVE-2024-34906 MEDIUM
Dootask - XSS
CVSS 5.4
CVE-2024-3488 MEDIUM
Microfocus Imanager < 3.2.6 - Improper Input Validation
CVSS 5.6
CVE-2024-3483 HIGH
Microfocus Imanager < 3.2.6 - Command Injection
CVSS 7.8
CVE-2024-32002 CRITICAL
Git <2.45.1-2.39.4 - Code Injection
CVSS 9.0
CVE-2024-33006 CRITICAL
Unspecified - File Upload RCE
CVSS 9.6
CVE-2024-27945 HIGH
Siemens Ruggedcom Crossbow < 5.5 - Remote Code Execution
CVSS 7.2
CVE-2024-27944 HIGH
Siemens Ruggedcom Crossbow < 5.5 - Remote Code Execution
CVSS 7.2
CVE-2024-27943 HIGH
Siemens Ruggedcom Crossbow < 5.5 - Remote Code Execution
CVSS 7.2
CVE-2024-4825 CRITICAL
Agentejo Cockpit < 2.7.0 - Unrestricted File Upload
CVSS 9.8