CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,016 vulnerabilities with CWE-434
CVE-2024-3117 MEDIUM
YouDianCMS <9.5.12 - Unrestricted Upload
CVSS 4.7
CVE-2024-30510 CRITICAL
Salonbookingsystem Salon Booking System - Unrestricted File Upload
CVSS 10.0
CVE-2024-30500 CRITICAL
Cubewp < 1.1.13 - Unrestricted File Upload
CVSS 9.9
CVE-2024-28713 CRITICAL
Mtons Mblog - Unrestricted File Upload
CVSS 9.8
CVE-2024-2890 CRITICAL
Tumult Hype Animations <2 - Unrestricted Upload of File with Danger...
CVSS 9.1
CVE-2024-29100 CRITICAL
Meowapps AI Engine < 2.1.5 - Unrestricted File Upload
CVSS 9.1
CVE-2024-29891 HIGH
ZITADEL - XSS
CVSS 8.7
CVE-2024-1532 MEDIUM
RTU500 - Info Disclosure
CVSS 6.8
CVE-2024-1531 HIGH
RTU500 - Info Disclosure
CVSS 8.2
CVE-2024-2930 HIGH
SourceCodester Music Gallery Site 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2024-30231 CRITICAL
WebToffee Product Import Export <2.4.1 - Unrestricted Upload
CVSS 9.1
CVE-2024-29515 HIGH
lepton <7.1.0 - Authenticated RCE
CVSS 8.8
CVE-2024-28105 HIGH
Phpmyfaq < 3.2.6 - Unrestricted File Upload
CVSS 7.2
CVE-2024-2849 MEDIUM
Ganeshrkt Simple File Manager Web App - Unrestricted File Upload
CVSS 6.3
CVE-2024-29272 MEDIUM
VvvebJs < 1.7.5 - Arbitrary File Upload
CVSS 6.5
CVE-2024-28441 CRITICAL
Magicflue < 7.0 - Unrestricted File Upload
CVSS 9.8
CVE-2024-27964 HIGH
Gesundheit-bewegt Zippy < 1.6.10 - Unrestricted File Upload
CVSS 8.8
CVE-2024-2754 MEDIUM
Donbermoy Complete E-commerce Site - Unrestricted File Upload
CVSS 4.7
CVE-2024-29859 CRITICAL
MISP <2.4.187 - File Upload Vulnerability
CVSS 9.8
CVE-2024-27923 HIGH
Grav < 1.7.43 - Authentication Bypass
CVSS 8.8
CVE-2024-2690 MEDIUM
SourceCodester Online Discussion Forum Site 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2024-1205 HIGH
Wemanage < 1.2.3 - Unrestricted File Upload
CVSS 8.8
CVE-2024-29135 CRITICAL
Themefic Tourfic < 2.11.16 - Unrestricted File Upload
CVSS 9.9
CVE-2024-2636 CRITICAL
Cegid Meta4 HR - Unrestricted Upload of File
CVSS 9.0
CVE-2024-2604 MEDIUM
SourceCodester File Manager App 1.0 - Unrestricted Upload
CVSS 6.3