CWE-434— Unrestricted Upload of File with Dangerous Type

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.2.7, 4.1.15, 4.0.15, and 3.5.19, when fetching remote statuses, Mastodon doesn't check that the response from the remote server has a `Content-…

Alf.io is a free and open source event attendance management system. An administrator on the alf.io application is able to upload HTML files that trigger JavaScript payloads. As such, an attacker gaining administrative access to the alf.io…

Misskey is an open source, decentralized social media platform with ActivityPub support. Prior to version 2024.2.0, when fetching remote Activity Streams objects, Misskey doesn't check that the response from the remote server has a `Conten…

A vulnerability was found in PandaXGO PandaX up to 20240310. It has been classified as critical. Affected is an unknown function of the file /apps/system/router/upload.go of the component File Extension Handler. The manipulation of the arg…

An issue was discovered in MISP before 2.4.184. Organisation logo upload is insecure because of a lack of checks for the file extension and MIME type.

SKINsoft S-Museum 7.02.3 allows XSS via the filename of an uploaded file. Unlike in CVE-2024-25802, the attack payload is in the name (not the content) of a file.

SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content.

F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension.

In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.

An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component.

Unrestricted Upload of File with Dangerous Type vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2.

Unrestricted Upload of File with Dangerous Type vulnerability in Skymoonlabs MoveTo.This issue affects MoveTo: from n/a through 6.2.

Unrestricted Upload of File with Dangerous Type vulnerability in SYSBASICS WooCommerce Easy Checkout Field Editor, Fees & Discounts.This issue affects WooCommerce Easy Checkout Field Editor, Fees & Discounts: from n/a through 3.5.12.

File upload restriction evasion vulnerability in AMSS++ version 4.31. This vulnerability could allow an authenticated user to potentially obtain RCE through webshell, compromising the entire infrastructure.

An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and is write only.

A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php. The manipulation of the argument file leads to unrestricted …

An Unrestricted Upload of File vulnerability has been found on Cegid Meta4 HR, that allows an attacker to upload malicios files to the server via '/config/espanol/update_password.jsp' file. Modifying the 'M4_NEW_PASSWORD' parameter, an at…

Unrestricted File Upload vulnerability in Greek Universities Network Open eClass v.3.15 and earlier allows attackers to run arbitrary code via upload of crafted file to certbadge.php endpoint.

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and…

A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of the file /uupdate.php. The manipulation of the argument ima leads to unrestricted upload. …

A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability, an attacker can upload executable files that are moved to a publicly accessible folder before verifying …

A vulnerability was discovered in Veritas eDiscovery Platform before 10.2.5. The application administrator can upload potentially malicious files to arbitrary locations on the server on which the application is installed.

Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder.

givanz VvvebJs 1.7.2 is vulnerable to Insecure File Upload.

A vulnerability classified as critical has been found in SourceCodester Complete E-Commerce Site 1.0. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to unrestricted upload. …

File Upload vulnerability in Byzro Network Smart s42 Management Platform v.S42 allows a local attacker to execute arbitrary code via the useratte/userattestation.php component.

File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component.

OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.

Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the `frontmatter` feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code ex…

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload generic files to the root installation directory of the system. By replacing specific files, an attacke…

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attack…

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import feature of the affected systems allow a privileged user to upload files to the root installation directory of the system. By replacing specifi…

Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0.

Unrestricted Upload of File with Dangerous Type vulnerability in Pie Register.This issue affects Pie Register: from n/a through 3.8.3.1.

Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.9.

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The category image upload function in phpmyfaq is vulnerable to manipulation of the `Content-type` and `lang` parameters, allowing attac…

An authenticated user can upload arbitrary files in the upload function for collection preview images. An attacker may upload an HTML file that includes malicious JavaScript code which will be executed if a user visits the direct URL of…

SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker to upload malicious code over the network, that could be executed by the application. On successful exploitation, the attacker can cause a low impact…

ReCrystallize Server 5.10.0.0 allows administrators to upload files to the server. The file upload is not restricted, leading to the ability to upload of malicious files. This could result in a Remote Code Execution.

Webedition CMS 9.2.2.0 has a File upload vulnerability via /webEdition/we_cmd.php

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafe_load function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file.

greykite v1.0.0 was discovered to contain an arbitrary file upload vulnerability in the load_obj function at /templates/pickle_utils.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted file.

File Upload vulnerability in magicflue v.7.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the messageid parameter of the mail/mailupdate.jsp endpoint.

A vulnerability classified as critical was found in SourceCodester Simple File Manager 1.0. This vulnerability affects unknown code. The manipulation of the argument photo leads to unrestricted upload. The attack can be initiated remotely.…

File Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an attacker to obtain sensitive information via the uploadfile.php component.

An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature.

Forminator prior to 1.29.0 contains an unrestricted upload of file with dangerous type vulnerability. If this vulnerability is exploited, a remote attacker may obtain sensitive information by accessing files on the server, alter the site t…

Unrestricted Upload of File with Dangerous Type vulnerability in Tumult Inc. Tumult Hype Animations.This issue affects Tumult Hype Animations: from n/a through 1.9.12.

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4.

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.15.