CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,017 vulnerabilities with CWE-434
CVE-2023-45554 CRITICAL
Zzzcms - Unrestricted File Upload
CVSS 9.8
CVE-2023-26578 HIGH
IDAttend's IDWeb <3.1.013 - Command Injection
CVSS 8.8
CVE-2023-5524 HIGH
M-files Web Companion < 23.8 - Unrestricted File Upload
CVSS 8.2
CVE-2023-45384 CRITICAL
Knowband Supercheckout < 6.0.7 - Unrestricted File Upload
CVSS 9.8
CVE-2023-37502 CRITICAL
Hcltech Hcl Compass < 2.0.3 - Unrestricted File Upload
CVSS 9.0
CVE-2023-46004 HIGH
Sourcecodester Best Courier Management System 1.0 - File Upload
CVSS 7.2
CVE-2023-41631 HIGH
eSST Monitoring <2.147.1 - RCE
CVSS 8.8
CVE-2023-45952 CRITICAL
lylme_spage <1.7.0 - RCE
CVSS 9.8
CVE-2023-44824 HIGH
Oretnom23 Expense Management System - Unrestricted File Upload
CVSS 7.8
CVE-2023-34207 CRITICAL
Easyuse Mailhunter Ultimate < 2023 - Unrestricted File Upload
CVSS 9.9
CVE-2023-35018 LOW
IBM Security Verify Governance < 10.0.2 - Unrestricted File Upload
CVSS 3.3
CVE-2023-45856 CRITICAL
qdPM 9.2 - RCE
CVSS 9.8
CVE-2023-44962 MEDIUM
Koha-community Koha Library Software - Unrestricted File Upload
CVSS 5.3
CVE-2023-5493 MEDIUM
Byzoro Smart S45f Firmware < 20230928 - Unrestricted File Upload
CVSS 6.3
CVE-2023-5492 MEDIUM
Byzoro Smart S45f Firmware < 20230928 - Unrestricted File Upload
CVSS 6.3
CVE-2023-5491 MEDIUM
Byzoro Smart S45f Firmware < 20230928 - Unrestricted File Upload
CVSS 6.3
CVE-2023-5490 MEDIUM
Byzoro Smart S45f Firmware < 20230928 - Unrestricted File Upload
CVSS 6.3
CVE-2023-5489 MEDIUM
Byzoro Smart S45f Firmware < 20230928 - Unrestricted File Upload
CVSS 6.3
CVE-2023-5488 MEDIUM
Byzoro Smart S45f Firmware < 20230928 - Unrestricted File Upload
CVSS 6.3
CVE-2023-44763 MEDIUM
Concretecms Concrete Cms - Unrestricted File Upload
CVSS 5.4
CVE-2023-43696 HIGH
SICK APU - Info Disclosure
CVSS 8.2
CVE-2023-45353 HIGH
Atos Unify Openscape Common Management - Unrestricted File Upload
CVSS 8.8
CVE-2023-44061 HIGH
Simple and Nice Shopping Cart Script <1.0 - RCE
CVSS 8.8
CVE-2023-43269 CRITICAL
pigcms <7.0 - File Upload
CVSS 9.8
CVE-2023-43321 HIGH
Digital China Networks DCFW-1800-SDC v.3.0 - RCE
CVSS 8.8