CWE-434

Exploit likelihood: Medium

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,016 vulnerabilities with CWE-434
CVE-2024-4820 MEDIUM
Oretnom23 Online Computer And Laptop Store - Unrestricted File Upload
CVSS 6.3
CVE-2024-4809 MEDIUM
Nikhil-bhalerao Open Source Clinic Ma... - Unrestricted File Upload
CVSS 6.3
CVE-2024-4681 MEDIUM
Campcodes Legal Case Management System - Unrestricted File Upload
CVSS 4.7
CVE-2024-4560 CRITICAL
Kognetiks Chatbot <1.9.9 - File Upload
CVSS 9.8
CVE-2024-4397 HIGH
Thimpress Learnpress < 4.2.6.6 - Unrestricted File Upload
CVSS 8.8
CVE-2024-34555 CRITICAL
URBAN BASE Z-Downloads <1.11.3 - Unrestricted Upload
CVSS 10.0
CVE-2024-34440 CRITICAL
Jordy Meow AI Engine: ChatGPT Chatbot - Unrestricted Upload of File...
CVSS 9.1
CVE-2024-34416 CRITICAL
Pk Favicon Manager <2.1 - Unrestricted Upload
CVSS 9.1
CVE-2024-34411 CRITICAL
Thomas Scholl canvasio3D Light <2.5.0 - Unrestricted Upload
CVSS 9.9
CVE-2024-32700 CRITICAL
Kognetiks Chatbot for WordPress <2.0.0 - Unrestricted File Upload
CVSS 10.0
CVE-2024-31377 CRITICAL
J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus - Unrestricted Up...
CVSS 10.0
CVE-2024-33120 CRITICAL
Roothub - Unrestricted File Upload
CVSS 9.8
CVE-2024-4345 CRITICAL
Startklar Elementor Addons <1.7.13 - File Upload
CVSS 9.8
CVE-2024-33752 MEDIUM
Emlog - Unrestricted File Upload
CVSS 6.3
CVE-2024-4500 MEDIUM
Fast5 Prison Management System - Unrestricted File Upload
CVSS 6.3
CVE-2024-33786 CRITICAL
Zhongcheng Kexin Ticketing Mgmt <20.04 - RCE
CVSS 9.8
CVE-2024-4033 HIGH
All-in-One Video Gallery plugin <3.6.4 - RCE
CVSS 8.8
CVE-2024-2667 CRITICAL
InstaWP Connect <= 0.1.0.22 - Unauthenticated Arbitrary File Upload
CVSS 9.8
CVE-2024-1567 HIGH
Royal-elementor-addons Royal Elemento... - Unrestricted File Upload
CVSS 8.2
CVE-2024-4349 HIGH
Donbermoy Pisay Online E-learning System - Unrestricted File Upload
CVSS 7.3
CVE-2024-28269 HIGH
ReCrystallize Server <5.10.0.0 - RCE
CVSS 7.2
CVE-2024-33438 HIGH
Cubecart < 6.5.5 - Unrestricted File Upload
CVSS 8.0
CVE-2024-4306 CRITICAL
Ofofonobsdev Hubbank - Unrestricted File Upload
CVSS 9.9
CVE-2024-32880 CRITICAL
Pyload < 0.5.0 - Unrestricted File Upload
CVSS 9.1
CVE-2024-3962 CRITICAL
Themeisle Product Addons & Fields For... - Unrestricted File Upload
CVSS 9.8