CWE-434

Exploit likelihood: Medium

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,017 vulnerabilities with CWE-434
CVE-2023-38947 HIGH
WBCE CMS 1.6.1 - Code Injection
CVSS 7.2
CVE-2023-36299 HIGH
Typecho <1.2.1 - RCE
CVSS 8.8
CVE-2023-36298 HIGH
DedeCMS <5.7.109 - RCE
CVSS 8.8
CVE-2023-4121 MEDIUM
Byzoro Smart S85f < 20230722 - Unrestricted File Upload
CVSS 6.3
CVE-2023-36212 HIGH
Total CMS <1.7.4 - RCE
CVSS 8.8
CVE-2023-38330 MEDIUM
OXID eShop EE 6.5.0-6.5.2 - HTTP Response Splitting
CVSS 5.3
CVE-2023-31428 MEDIUM
Brocade Fabric OS <9.1.1c, 9.2.0 - Info Disclosure
CVSS 5.5
CVE-2023-39147 HIGH
Uvdesk 1.1.3 - RCE
CVSS 7.8
CVE-2023-33493 CRITICAL
PrestaShop <2.3.0 - Code Injection
CVSS 9.8
CVE-2023-32225 CRITICAL
SysAid On-premises < 23.2.14 - Unrestricted File Upload
CVSS 9.8
CVE-2023-37677 CRITICAL
Pligg CMS - Unrestricted File Upload
CVSS 9.8
CVE-2023-34798 CRITICAL
Weaver E-office < 9.5 - Unrestricted File Upload
CVSS 9.8
CVE-2023-3486 HIGH
PaperCut MF < 22.1.3 - Unrestricted File Upload
CVSS 8.2
CVE-2023-32637 CRITICAL
GMOD GBrowse - Unrestricted File Upload
CVSS 9.8
CVE-2023-3852 MEDIUM
OpenRapid RapidCMS <1.3.1 - Unrestricted Upload
CVSS 4.7
CVE-2023-3836 MEDIUM
Dahua Smart Park Management <20230713 - Unrestricted Upload
CVSS 6.3
CVE-2023-3806 MEDIUM
SourceCodester House Rental <1.0 - Unrestricted Upload
CVSS 6.3
CVE-2023-3804 MEDIUM
Cdwanjiang Flash Flood Disaster Monitoring And Warning System - Unrestricted File Upload
CVSS 5.5
CVE-2023-3803 LOW
Chengdu Flash Flood Disaster Monitoring and Warning System 2.0 - In...
CVSS 2.6
CVE-2023-3802 MEDIUM
Cdwanjiang Flash Flood Disaster Monitoring And Warning System - Unrestricted File Upload
CVSS 5.5
CVE-2023-3800 LOW
EasyAdmin8 2.0.2.2 - Unrestricted Upload
CVSS 3.9
CVE-2023-3798 MEDIUM
Cdwanjiang Flash Flood Disaster Monit... - Unrestricted File Upload
CVSS 5.5
CVE-2023-3797 MEDIUM
Istrong Four Mountain Torrent Disaste... - Unrestricted File Upload
CVSS 5.5
CVE-2023-3796 MEDIUM
Bugfinder Foody Friend - Unrestricted File Upload
CVSS 4.3
CVE-2023-37289 CRITICAL
Infodoc Document On-line Submission A... - Unrestricted File Upload
CVSS 9.8