CWE-434

Exploit likelihood: Medium

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,018 vulnerabilities with CWE-434
CVE-2022-50916 HIGH
e107 CMS <3.2.1 - File Upload
CVSS 7.2
CVE-2022-50912 CRITICAL
ImpressCMS 1.4.4 - Code Injection
CVSS 9.8
CVE-2022-50907 HIGH
e107 CMS <3.2.1 - Authenticated RCE
CVSS 7.2
CVE-2022-50898 HIGH
NanoCMS 0.4 - RCE
CVSS 8.8
CVE-2022-50893 CRITICAL
VIAVIWEB Wallpaper Admin 1.0 - RCE
CVSS 9.8
CVE-2022-42449 MEDIUM
Hcltech Domino Leap < 1.1.1 - Unrestricted File Upload
CVSS 4.6
CVE-2022-27562 MEDIUM
Hcltech Domino Leap < 1.1.1 - Unrestricted File Upload
CVSS 4.6
CVE-2022-44760 MEDIUM
Hcltech Hcl Leap < 9.3.1 - Unrestricted File Upload
CVSS 4.6
CVE-2022-41573 CRITICAL
Ovidentia 8.3 - RCE
CVSS 9.8
CVE-2022-1206 HIGH
AdRotate Banner Manager - WordPress <5.13.2 - RCE
CVSS 7.2
CVE-2022-45171 HIGH
Liveboxcloud Vdesk < 018 - Unrestricted File Upload
CVSS 8.8
CVE-2022-42443 LOW
IBM Trusteer Android SDK For Mobile < 5.7 - Unrestricted File Upload
CVSS 2.2
CVE-2022-1538 HIGH
Themely Theme Demo Import < 1.1.1 - Unrestricted File Upload
CVSS 7.2
CVE-2022-46839 CRITICAL
JS Help Desk <2.7.1 - Unrestricted Upload of File with Dangerous Type
CVSS 10.0
CVE-2022-45377 MEDIUM
Codedropz Drag And Drop Multiple File... - Unrestricted File Upload
CVSS 6.5
CVE-2022-22375 HIGH
IBM Security Verify Privilege On-Premises <11.5 - Command Injection
CVSS 7.2
CVE-2022-47893 CRITICAL
Riello-ups Netman 204 Firmware - Unrestricted File Upload
CVSS 10.0
CVE-2022-47186 HIGH
Generex CS141 <2.06 - Unrestricted File Upload
CVSS 7.5
CVE-2022-46899 HIGH
Vocera Report Server & Voice Server <5.8 - Arbitrary File Upload
CVSS 7.5
CVE-2022-28863 HIGH
Nokia NetAct 22 - File Upload
CVSS 8.8
CVE-2022-40896 MEDIUM
pygments <2.15.0 - DoS
CVSS 5.5
CVE-2022-44276 CRITICAL
Responsive Filemanager < 9.12.0 - Auth Bypass
CVSS 9.8
CVE-2022-33166 HIGH
IBM Security Directory Suite VA <8.0.1.19 - Privilege Escalation
CVSS 7.2
CVE-2022-4949 HIGH
Adsanity < 1.8.2 - Unrestricted File Upload
CVSS 8.8
CVE-2022-47878 HIGH
Jedox - Unrestricted File Upload
CVSS 8.8