CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,016 vulnerabilities with CWE-434
CVE-2024-22567 HIGH
MCMS 5.3.5 - Code Injection
CVSS 8.8
CVE-2024-1116 HIGH
openBI <1.0.8 - Unrestricted Upload
CVSS 7.3
CVE-2024-1113 MEDIUM
openBI <1.0.8 - Unrestricted Upload
CVSS 6.3
CVE-2024-1069 HIGH
Crmperks Database For Contact Form 7,... - Unrestricted File Upload
CVSS 7.2
CVE-2024-1036 HIGH
Openbi < 1.0.8 - Unrestricted File Upload
CVSS 7.3
CVE-2024-1035 HIGH
Openbi < 1.0.8 - Unrestricted File Upload
CVSS 7.3
CVE-2024-1034 HIGH
Openbi < 1.0.8 - Unrestricted File Upload
CVSS 7.3
CVE-2024-1027 MEDIUM
Oretnom23 Facebook News Feed Like - Unrestricted File Upload
CVSS 6.3
CVE-2024-1008 MEDIUM
Razormist Employee Management System - Unrestricted File Upload
CVSS 4.7
CVE-2024-0939 MEDIUM
Byzoro Smart S210 Management Platform <20240117 - Unrestricted Upload
CVSS 6.3
CVE-2024-0933 MEDIUM
Niushop B2C V5 - Unrestricted Upload
CVSS 6.3
CVE-2024-22550 MEDIUM
ShopSite <14.0 - RCE
CVSS 6.1
CVE-2024-23630 CRITICAL
Motorola Mr2600 Firmware - Unrestricted File Upload
CVSS 9.0
CVE-2024-24399 HIGH
Lepton-cms Leptoncms - Unrestricted File Upload
CVSS 7.2
CVE-2024-22152 HIGH
WebToffee Product Import Export <2.3.7 - Unrestricted Upload
CVSS 8.0
CVE-2024-22135 HIGH
Webtoffee Order Export & Order Import For Woocommerce < 2.4.4 - Unrestricted File Upload
CVSS 8.0
CVE-2024-23180 HIGH
Appleple A-blog Cms < 2.9.0 - Unrestricted File Upload
CVSS 8.8
CVE-2024-0783 MEDIUM
Project Worlds Online Admission System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2024-22895 HIGH
DedeCMS 5.7.112 - File Upload
CVSS 8.8
CVE-2024-0648 HIGH
Yunyou CMS <2.2.6 - Unrestricted Upload
CVSS 7.3
CVE-2024-20272 HIGH
Cisco Unity Connection - RCE
CVSS 7.3
CVE-2024-0643 CRITICAL
C21 Live Encoder & Live Mosaic <5.3 - RCE
CVSS 10.0
CVE-2024-0505 MEDIUM
ZhongFuCheng3y Austin 1.0 - Unrestricted Upload
CVSS 5.5
CVE-2024-0468 MEDIUM
Fighting Cock Information System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2024-0352 HIGH
Likeshop < 2.5.7.20210311 - Unrestricted File Upload
CVSS 7.3
Details
Vulnerabilities 4,016
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits