CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,123 vulnerabilities with CWE-434
CVE-2023-42017
HIGH
IBM Planning Analytics Local 2.0 - Arbitrary File Upload via Improper File Extension Validation
CVSS 8.0
CVE-2023-7054
MEDIUM
PHPGurukul Online Notes Sharing System 1.0 - Unrestricted File Upload via add-notes.php
CVSS 5.5
CVE-2023-7036
MEDIUM
automad < 1.10.9 - Unrestricted File Upload via FileCollectionController.php
CVSS 4.7
CVE-2023-7026
MEDIUM
Lightxun IPTV Gateway < 20231208 - Unrestricted File Upload via web_upload_template.html
CVSS 4.3
CVE-2023-25970
CRITICAL
Zendrop - Global Dropshipping <= 1.0.0 - Unrestricted Upload of File with Dangerous Type
CVSS 9.8
CVE-2023-23970
HIGH
WooRockets Corsa - Unrestricted Upload of File with Dangerous Type
CVSS 8.8
CVE-2023-49814
CRITICAL
Symbiostock < 6.0.0 - Unrestricted Upload of File with Dangerous Type
CVSS 9.1
CVE-2023-47784
HIGH
Slider Revolution < 6.6.15 - Unauthenticated Arbitrary File Upload
CVSS 8.4
CVE-2023-46149
CRITICAL
Themify Ultra < 7.3.5 - Authenticated Unrestricted Upload of File with Dangerous Type
CVSS 9.9
CVE-2023-45603
CRITICAL
User Submitted Posts < 20230902 - Unauthenticated Arbitrary File Upload
CVSS 9.0
CVE-2023-40204
CRITICAL
Premio Folders < 2.9.2 - Unauthenticated Arbitrary File Upload
CVSS 9.1
CVE-2023-34385
CRITICAL
Export Import Menus < 1.8.0 - Arbitrary File Upload
CVSS 9.9
CVE-2023-34007
CRITICAL
WPChill Download Monitor <4.8.3 - Unrestricted Upload
CVSS 9.9
CVE-2023-33318
CRITICAL
WooCommerce AutomateWoo <4.9.40 - Unrestricted Upload
CVSS 9.9
CVE-2023-31231
CRITICAL
Unlimited-elements Unlimited Elements For Elementor < 1.5.66 - Unrestricted File Upload
CVSS 9.9
CVE-2023-31215
CRITICAL
AmaderCode Lab <2.1.2 - Unrestricted Upload
CVSS 9.9
CVE-2023-29384
CRITICAL
HM Plugin WordPress Job Board and Recruitment Plugin - Unrestricted Upload of File with Dangerous Type
CVSS 10.0
CVE-2023-29102
CRITICAL
Olive One Click Demo Import <1.1.1 - Unrestricted Upload
CVSS 9.1
CVE-2023-28170
CRITICAL
Themely Theme Demo Import < 1.1.1 - Arbitrary File Upload
CVSS 9.1
CVE-2023-6562
HIGH
Kakadu SDK 4.4-8.4 - Path Traversal via JPX Fragment List Box
CVSS 7.5
CVE-2023-6976
HIGH
MLflow < 2.9.2 - Arbitrary File Write via Unrestricted File Upload
CVSS 8.8
CVE-2023-47706
MEDIUM
IBM Security Guardium Key Lifecycle Manager 4.2.0-4.2.0.2 - Unrestricted File Upload
CVSS 6.6
CVE-2023-46264
CRITICAL
Ivanti Avalanche < 6.4.2 - Unrestricted Upload of File with Dangerous Type
CVSS 9.8
CVE-2023-46263
CRITICAL
Ivanti Avalanche < 6.4.2 - Unrestricted Upload of File with Dangerous Type
CVSS 9.8
CVE-2023-4311
HIGH
Vrm 360 3D Model Viewer <1.2.1 - Code Injection
CVSS 8.8
Details
Vulnerabilities
4,123
Exploit Likelihood
Medium