CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,128 vulnerabilities with CWE-434
CVE-2023-44061
HIGH
Simple and Nice Shopping Cart Script <1.0 - RCE
CVSS 8.8
CVE-2023-43269
CRITICAL
pigcms < 7.0 - Arbitrary File Upload
CVSS 9.8
CVE-2023-43321
HIGH
Digital China Networks DCFW-1800-SDC v.3.0 - RCE
CVSS 8.8
CVE-2023-43838
HIGH
Personal Management System <1.4.64 - RCE
CVSS 7.8
CVE-2023-44974
CRITICAL
Emlog Pro 2.2.0 - Unauthenticated Arbitrary File Upload via Plugin Upload Endpoint
CVSS 9.8
CVE-2023-44973
CRITICAL
Emlog Pro 2.2.0 - Arbitrary File Upload and Remote Code Execution via Template Upload
CVSS 9.8
CVE-2023-4817
HIGH
ICPDAS ET-7060 Firmware - Unrestricted File Upload
CVSS 7.2
CVE-2023-4097
HIGH
qsige - Authenticated Unrestricted Upload of File with Dangerous Type
CVSS 8.8
CVE-2023-44009
CRITICAL
mojoportal 2.7.0.0 - Remote Code Execution via Skin Management File Upload
CVSS 9.8
CVE-2023-44008
CRITICAL
mojoportal 2.7.0.0 - Remote Code Execution via File Manager Upload
CVSS 9.8
CVE-2023-5227
CRITICAL
phpmyfaq < 3.1.8 - Unrestricted Upload of File with Dangerous Type
CVSS 9.8
CVE-2023-5284
MEDIUM
Engineers Online Portal 1.0 - Unrestricted Upload of File with Dangerous Type via upload_save_student.php
CVSS 6.3
CVE-2023-5277
MEDIUM
SourceCodester Engineers Online Portal 1.0 - Unrestricted File Upload via student_avatar.php
CVSS 6.3
CVE-2023-5262
MEDIUM
OpenRapid RapidCMS 1.3.1 - Unrestricted File Upload via uploadicon.php fileName Parameter
CVSS 6.3
CVE-2023-5185
CRITICAL
Gym Management System Project v1.0 - RCE
CVSS 9.1
CVE-2023-43740
HIGH
Online Book Store Project v1.0 - RCE
CVSS 8.8
CVE-2023-43226
HIGH
dedecms < 5.7.111 - Arbitrary File Upload via Baidu News Module
CVSS 8.8
CVE-2023-38874
HIGH
gugoan's Economizzer v.0.9-beta1 - RCE
CVSS 8.8
CVE-2023-42462
HIGH
GLPI 10.0.0-10.0.9 - Path Traversal and Arbitrary File Deletion via Document Upload Process
CVSS 7.7
CVE-2023-40219
HIGH
Welcart e-Commerce 2.7-2.8.21 - Authenticated Arbitrary File Upload
CVSS 7.2
CVE-2023-39377
HIGH
SiberianCMS 4.0.0-4.20.44 - Authenticated Unrestricted Upload of File with Dangerous Type
CVSS 7.2
CVE-2023-5154
MEDIUM
D-Link DAR-8000 <20151231 - Unrestricted Upload
CVSS 6.3
CVE-2023-5150
MEDIUM
D-Link DAR-7000/DAR-8000 <20151231 - Unrestricted Upload
CVSS 6.3
CVE-2023-5149
MEDIUM
D-Link DAR-7000 <20151231 - Unrestricted Upload
CVSS 6.3
CVE-2023-5148
MEDIUM
D-Link DAR-7000/DAR-8000 <20151231 - Unrestricted Upload
CVSS 6.3
Details
Vulnerabilities
4,128
Exploit Likelihood
Medium