CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,018 vulnerabilities with CWE-434
CVE-2023-1826 MEDIUM
SourceCodester Online Computer and Laptop Store 1.0 - Unrestricted ...
CVSS 6.3
CVE-2023-1728 CRITICAL
Fernus Informatics LMS <23.04.03 - Code Injection
CVSS 9.8
CVE-2023-1800 HIGH
sjqzhang go-fastdfs <1.4.3 - Path Traversal
CVSS 7.3
CVE-2023-1797 MEDIUM
OTCMS 6.0.1 - Unrestricted Upload
CVSS 6.3
CVE-2023-26830 HIGH
Gladinet CentreStack <13.5.9808 - RCE
CVSS 7.2
CVE-2023-1744 MEDIUM
IBOS 4.5.5 - Unrestricted Upload
CVSS 6.3
CVE-2023-1739 MEDIUM
SourceCodester Simple and Beautiful Shopping Cart System 1.0 - Unre...
CVSS 6.3
CVE-2023-28833 LOW
Nextcloud <24.0.10, <25.0.4 - Info Disclosure
CVSS 2.4
CVE-2023-1734 HIGH
SourceCodester Young Entrepreneur E-Negosyo System 1.0 - Unrestrict...
CVSS 7.3
CVE-2023-28731 CRITICAL
AnyMailing Joomla Plugin <8.3.0 - RCE
CVSS 9.8
CVE-2023-26968 CRITICAL
Atrocore 1.5.25 - Unauthenticated File Upload
CVSS 9.8
CVE-2023-1684 MEDIUM
HadSky 7.7.16 - Unrestricted Upload
CVSS 4.7
CVE-2023-27246 HIGH
MK-Auth 23.01K4.9 - Code Injection
CVSS 8.8
CVE-2023-28652 MEDIUM
Sauter-controls ey-as525f001_firmware - Denial-of-Service via Malicious Image Upload
CVSS 6.5
CVE-2023-25828 HIGH
Pluck < 4.7.16 - Unrestricted File Upload
CVSS 7.2
CVE-2023-25909 CRITICAL
Hgiga Oaklouds Portal < 2.0-10 - Unrestricted File Upload
CVSS 9.8
CVE-2023-25655 CRITICAL
Basercms < 4.7.5 - Unrestricted File Upload
CVSS 9.8
CVE-2023-25654 CRITICAL
Basercms < 4.7.5 - Unrestricted File Upload
CVSS 9.8
CVE-2023-23707 MEDIUM
Awsm Embed Any Document < 2.7.1 - XSS
CVSS 5.9
CVE-2023-1561 MEDIUM
Simple Online Hotel Reservation System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2023-1559 MEDIUM
SourceCodester Storage Unit Rental Management System 1.0 - Unrestri...
CVSS 4.7
CVE-2023-1558 MEDIUM
Simple and Beautiful Shopping Cart System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2023-28725 CRITICAL
General Bytes Crypto App Server <20230120 - RCE
CVSS 9.1
CVE-2023-1501 MEDIUM
RockOA 2.3.2 - Unrestricted Upload
CVSS 6.3
CVE-2023-1497 MEDIUM
SourceCodester Simple and Nice Shopping Cart Script 1.0 - Unrestric...
CVSS 6.3
Details
Vulnerabilities 4,018
Exploit Likelihood Medium