CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,018 vulnerabilities with CWE-434
CVE-2023-33601 HIGH
phpok <6.4.100 - RCE
CVSS 8.8
CVE-2023-33569 HIGH
Sourcecodester Faculty Evaluation System v1.0 - RCE
CVSS 7.2
CVE-2023-32628 HIGH
Advantech Webaccess/scada < 9.1.3 - Unrestricted File Upload
CVSS 7.2
CVE-2023-22450 HIGH
Advantech WebAccss/SCADA <9.1.3 - Code Injection
CVSS 7.2
CVE-2023-29631 CRITICAL
Joommasters Jms Slider - Unrestricted File Upload
CVSS 9.8
CVE-2023-33386 CRITICAL
MarsCTF 1.2.1 - File Upload
CVSS 9.8
CVE-2023-3061 MEDIUM
Agro-School Management System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2023-3032 HIGH
Mobatime <6.7.22 - Unrestricted File Upload
CVSS 8.1
CVE-2023-28700 MEDIUM
OMICARD EDM - Local Privilege Escalation
CVSS 6.8
CVE-2023-28699 HIGH
Wade Graphic Design FANTSY - Code Injection
CVSS 8.8
CVE-2023-2063 MEDIUM
Mitsubishielectric Fx5-enet/ip Firmware - Unrestricted File Upload
CVSS 6.3
CVE-2023-33508 CRITICAL
KramerAV VIA GO² <4.0.1.1326 - RCE
CVSS 9.8
CVE-2023-28353 HIGH
Faronics Insight - Unrestricted File Upload
CVSS 8.8
CVE-2023-32689 MEDIUM
Parseplatform Parse-server < 5.4.4 - Unrestricted File Upload
CVSS 6.3
CVE-2023-2924 MEDIUM
Supcontech Simfield Firmware < 1.80.00.00 - Unrestricted File Upload
CVSS 4.7
CVE-2023-32686 HIGH
Kiwitcms Kiwi Tcms < 12.2 - XSS
CVSS 8.1
CVE-2023-22504 MEDIUM
Atlassian Confluence Server < 7.13.17 - Unrestricted File Upload
CVSS 6.5
CVE-2023-2888 MEDIUM
PHPOK 6.4.100 - Unrestricted Upload
CVSS 4.7
CVE-2023-29721 CRITICAL
Sofawiki < 3.8.9 - Unrestricted File Upload
CVSS 9.8
CVE-2023-28409 CRITICAL
MW WP Form < 4.4.2 - Unrestricted File Upload
CVSS 9.8
CVE-2023-27397 CRITICAL
Microengine Mailform < 1.1.9 - Unrestricted File Upload
CVSS 9.8
CVE-2023-31689 CRITICAL
Wcms 0.3.2 - Command Injection
CVSS 9.8
CVE-2023-2712 CRITICAL
Rental Module < 23.05.15 - Unrestricted File Upload
CVSS 9.8
CVE-2023-30333 CRITICAL
Perfreeblog - Unrestricted File Upload
CVSS 9.8
CVE-2023-2776 MEDIUM
Simple Photo Gallery - Unrestricted File Upload
CVSS 6.3
Details
Vulnerabilities 4,018
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits