CWE-434: Unrestricted Upload of File with Dangerous Type
3,917 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-434 (page 4 of 79)
- CVE-2017-3189 | HIGH | CVSS 8.1 | EG 8.1 | 2018-07-24
  The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to arbitrary file upload. When "Bundle" tar.gz archives uploaded to the Push Publishing feature are decompressed, there …
- CVE-2017-6931 | MEDIUM | CVSS 6.5 | EG 6.5 | 2018-03-01
  In Drupal 8.4.x versions before 8.4.5 the Settings Tray module has a vulnerability that allows users to update certain data that they do not have the permissions for. If you have implemented a Settings Tray form in contrib or a cu…
- CVE-2017-7429 | HIGH | CVSS 8.8 | EG 8.8 | 2018-03-02
  The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.
- CVE-2017-9279 | LOW | CVSS 2.0 | EG 7.2 | 2018-03-02
  NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or …
- CVE-2017-9970 | HIGH | CVSS 7.2 | EG 7.2 | 2018-02-12
  A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded to any directory on the host mac…
- CVE-2018-0258 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-05-02
  A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vul…
- CVE-2018-0568 | HIGH | CVSS 8.8 | EG 8.8 | 2018-05-14
  Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors.
- CVE-2018-0571 | MEDIUM | CVSS 4.3 | EG 4.3 | 2018-06-26
  baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers with a site operator privilege to upload arbitrary files.
- CVE-2018-0587 | MEDIUM | CVSS 4.3 | EG 4.3 | 2018-05-14
  Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated users to upload arbitrary image files via unspecified vectors.
- CVE-2018-0645 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-09-07
  MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via unspecified vectors.
- CVE-2018-0686 | HIGH | CVSS 8.8 | EG 8.8 | 2018-11-15
  Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote authenticated attackers to upload and execute any executable files via unspecified vectors.
- CVE-2018-1000094 | HIGH | CVSS 7.2 | EG 7.2 | 2018-03-13
  CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that allows an authenticated admin with access to the file manager to execute code on the server. This attack appears to be explo…
- CVE-2018-1000544 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-06-26
  The rubyzip gem, version 1.2.1 and earlier, contains a Directory Traversal vulnerability in the Zip::File component that can result in writing arbitrary files to the filesystem. This attack appears to be exploitable if a site allows uploadi…
- CVE-2018-1000619 | HIGH | CVSS 8.8 | EG 8.8 | 2018-07-09
  Ovidentia version 8.4.3 and earlier contains an Unsanitized User Input vulnerability in utilit.php (bab_getAddonFilePathfromTg) that can result in Authenticated Remote Code Execution. This attack appears to be exploitable as follows: the attacker mus…
- CVE-2018-1000646 | HIGH | CVSS 8.8 | EG 8.8 | 2018-08-20
  LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in writing files with malicious content and may lead to remote code execution.
- CVE-2018-1000658 | HIGH | CVSS 8.8 | EG 8.8 | 2018-09-06
  LimeSurvey version prior to 3.14.4 contains a file upload vulnerability in upload functionality that can result in an attacker gaining code execution via webshell. This attack appears to be exploitable via an authenticated user uploading a …
- CVE-2018-1000811 | HIGH | CVSS 8.8 | EG 8.8 | 2018-12-20
  bludit version 3.0.0 contains an Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appears to be exploitable as follows: a malicious user has to up…
- CVE-2018-1000839 | HIGH | CVSS 8.8 | EG 8.8 | 2018-12-20
  LH-EHR version REL-2_0_0 contains an Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. This attack appears to be exploitable via uploading a PHP file with image MIME type.
- CVE-2018-10173 | HIGH | CVSS 8.8 | EG 8.8 | 2018-04-20
  Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because of Arbitrary File Upload functionality.
- CVE-2018-10375 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-04-25
  A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the /dede/archives_do.php?dopost=uploadLitpic litpic parameter…
- CVE-2018-10469 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-04-27
  b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and execute arbitrary JSP files via the name[] parameter to the /upload URI.
- CVE-2018-10521 | LOW | CVSS 2.7 | EG 2.7 | 2018-04-27
  In CMS Made Simple (CMSMS) through 2.2.7, the "file move" operation in the admin dashboard contains an arbitrary file movement vulnerability that can cause DoS, exploitable by an admin user, because config.php can be moved into an incorrec…
- CVE-2018-10577 | HIGH | CVSS 8.8 | EG 8.8 | 2018-05-02
  An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload f…
- CVE-2018-10648 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-05-23
  There are Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
- CVE-2018-10760 | HIGH | CVSS 8.8 | EG 8.8 | 2018-05-16
  Unrestricted file upload vulnerability in the Files plugin in ProjectPier 0.88 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct req…
- CVE-2018-10795 | HIGH | CVSS 8.8 | EG 8.8 | 2018-05-07
  Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or…
- CVE-2018-10942 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-05-10
  modules/attributewizardpro/file_upload.php in the Attribute Wizard addon 1.6.9 for PrestaShop 1.4.0.1 through 1.6.1.18 allows remote attackers to execute arbitrary code by uploading a .phtml file.
- CVE-2018-11091 | CRITICAL | CVSS 9.9 | EG 9.9 | 2018-05-14
  An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possible for an attacker to upload a script to issue operating system commands. This vulnerability occurs because …
- CVE-2018-11098 | HIGH | CVSS 7.2 | EG 7.2 | 2018-05-15
  An issue was discovered in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/file_manager/upload URI, a similar issue to CVE-2014-4912.
- CVE-2018-11196 | HIGH | CVSS 7.5 | EG 7.5 | 2018-06-01
  Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 can be used as a medium to transmit viruses by placing infected files into a Leap2A archive and uploading that to Mahara. In contrast to other ZIP files that are u…
- CVE-2018-11221 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-06-16
  Unauthenticated untrusted file upload in Artica Pandora FMS through version 7.23 allows an attacker to upload an arbitrary plugin via include/ajax/update_manager.ajax in the update system.
- CVE-2018-11322 | HIGH | CVSS 7.5 | EG 7.5 | 2018-05-22
  An issue was discovered in Joomla! Core before 3.8.8. Depending on the server configuration, PHAR files might be handled as executable PHP scripts by the webserver.
- CVE-2018-11331 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-05-21
  An issue was discovered in Pluck before 4.7.6. Remote PHP code execution is possible because the set of disallowed filetypes for uploads is missing some applicable ones such as .phtml and .htaccess.
- CVE-2018-11340 | HIGH | CVSS 7.2 | EG 7.2 | 2018-05-22
  An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data to a specified filename. This can be used to place attacker controlled code on the file system that is t…
- CVE-2018-11345 | HIGH | CVSS 8.8 | EG 8.8 | 2018-05-22
  An unrestricted file upload vulnerability in upload.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data via the POST parameter filename. This can be used to place attacker controlled code on the file system that …
- CVE-2018-11392 | HIGH | CVSS 8.8 | EG 8.8 | 2018-05-29
  An arbitrary file upload vulnerability in /classes/profile.class.php in Jigowatt "PHP Login & User Management" before 4.1.1, as distributed in the Envato Market, allows any remote authenticated user to upload .php files to the web server v…
- CVE-2018-11494 | HIGH | CVSS 8.0 | EG 8.0 | 2018-05-26
  The "program extension upload" feature in OpenCart through 3.0.2.0 has a six-step process (upload, install, unzip, move, xml, remove) that allows attackers to execute arbitrary code if the remove step is skipped, because the attacker can d…
- CVE-2018-11514 | HIGH | CVSS 8.8 | EG 8.8 | 2018-05-28
  PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in edit_resume_det.php, as demonstrated by changing .docx to .php.
- CVE-2018-11523 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-05-29
  upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files.
- CVE-2018-11638 | HIGH | CVSS 7.2 | EG 7.2 | 2018-07-03
  Unrestricted Upload of a File with a Dangerous Type in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to upload malicious code to the web root to gain code execution.
- CVE-2018-11736 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-06-05
  An issue was discovered in Pluck before 4.7.7-dev2. /data/inc/images.php allows remote attackers to upload and execute arbitrary PHP code by using the image/jpeg content type for a .htaccess file.
- CVE-2018-12045 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-06-08
  DedeCMS through V5.7SP2 allows arbitrary file upload in dede/file_manage_control.php via a dede/file_manage_view.php?fmdo=upload request with an upfile1 parameter, as demonstrated by uploading a .php file.
- CVE-2018-12051 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-06-08
  Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script via $_FILE in /webmasterst/general.php, as demonstrated by a .php file with the image/jpeg content type.
- CVE-2018-1215 | HIGH | CVSS 8.8 | EG 8.8 | 2018-03-08
  An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell…
- CVE-2018-12256 | HIGH | CVSS 8.8 | EG 8.8 | 2018-08-16
  admin/vqmods.app/vqmods.inc.php in LiteCart before 2.1.3 allows remote authenticated attackers to upload a malicious file (resulting in remote code execution) by using the text/xml or application/xml Content-Type in a public_html/admin/?ap…
- CVE-2018-12263 | HIGH | CVSS 8.8 | EG 8.8 | 2018-06-13
  portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI.
- CVE-2018-12426 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-07-02
  The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename …
- CVE-2018-12468 | CRITICAL | CVSS 9.1 | EG 7.2 | 2018-08-01
  A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on the server. In certain circumstances this …
- CVE-2018-12491 | CRITICAL | CVSS 9.8 | EG 9.8 | 2018-06-15
  PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import_f function in framework/admin/modulec_control.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944.
- CVE-2018-12519 | HIGH | CVSS 8.8 | EG 8.8 | 2018-06-19
  An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to stea…