CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,018 vulnerabilities with CWE-434
CVE-2022-45759 HIGH
Sens - Unrestricted File Upload
CVSS 8.8
CVE-2022-46828 MEDIUM
JetBrains IntelliJ IDEA <2022.3 - Code Injection
CVSS 5.2
CVE-2022-45009 HIGH
Online Leave Management System - Unrestricted File Upload
CVSS 7.2
CVE-2022-45359 CRITICAL
Yithemes Yith Woocommerce Gift Cards - Unrestricted File Upload
CVSS 9.8
CVE-2022-45548 HIGH
Ayacms - Unrestricted File Upload
CVSS 8.8
CVE-2022-44289 HIGH
Thinkphp 5.1.41-5.0.24 - Code Injection
CVSS 8.8
CVE-2022-45912 HIGH
Zimbra Collaboration - Unrestricted File Upload
CVSS 7.2
CVE-2022-45771 HIGH
Pwndoc - Unrestricted File Upload
CVSS 8.8
CVE-2022-4276 MEDIUM
House Rental System - Unrestricted File Upload
CVSS 6.3
CVE-2022-4273 HIGH
Oretnom23 Human Resource Management System - Unrestricted File Upload
CVSS 7.3
CVE-2022-4272 MEDIUM
Warehouse Management System - Unrestricted File Upload
CVSS 6.3
CVE-2022-36431 CRITICAL
Rocket TRUfusion Enterprise <7.9.6.1 - RCE
CVSS 9.8
CVE-2022-4232 MEDIUM
Rinvizle Event Registration System - Unrestricted File Upload
CVSS 4.7
CVE-2022-44354 CRITICAL
SolarView Compact <5.0 - Unrestricted File Upload
CVSS 9.8
CVE-2022-38140 HIGH
WordPress SEO Plugin <12.1.10 - Arbitrary File Upload
CVSS 7.6
CVE-2022-44401 CRITICAL
Online Tours & Travels Management System v1.0 - File Upload
CVSS 9.8
CVE-2022-44400 CRITICAL
Purchase Order Management System v1.0 - File Upload Vulnerability
CVSS 9.8
CVE-2022-45476 CRITICAL
Prasathmani Tiny File Manager - Unrestricted File Upload
CVSS 9.8
CVE-2022-41705 CRITICAL
Badaso <2.6.3 - RCE
CVSS 9.8
CVE-2022-45039 HIGH
Wbce Cms - Unrestricted File Upload
CVSS 7.2
CVE-2022-2791 MEDIUM
Emerson Proficy < 9.00 - Unrestricted File Upload
CVSS 5.9
CVE-2022-30529 HIGH
Isic.lk < 2018-02-13 - Unrestricted File Upload
CVSS 7.2
CVE-2022-42698 CRITICAL
Api2cart Bridge Connector - Unrestricted File Upload
CVSS 9.8
CVE-2022-40200 CRITICAL
Gvectors Wpforo Forum < 2.0.9 - Unrestricted File Upload
CVSS 9.9
CVE-2022-43192 MEDIUM
Dedecms <5.7.101 - RCE
CVSS 6.7
Details
Vulnerabilities 4,018
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits