CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,071 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 10 of 82
- CVE-2019-19493MEDIUMCVSS 5.4EG 5.42019-12-02
Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS.
- CVE-2019-19576CRITICALCVSS 9.8EG 9.82019-12-04
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
- CVE-2019-19594CRITICALCVSS 9.8EG 9.82019-12-05
reset/modules/fotoliaFoto/multi_upload.php in the RESET.PRO Adobe Stock API Integration for PrestaShop 1.6 and 1.7 allows remote attackers to execute arbitrary code by uploading a .php file.
- CVE-2019-19595CRITICALCVSS 9.8EG 9.82019-12-05
reset/modules/advanced_form_maker_edit/multiupload/upload.php in the RESET.PRO Adobe Stock API integration 4.8 for PrestaShop allows remote attackers to execute arbitrary code by uploading a .php file.
- CVE-2019-19634CRITICALCVSS 9.8EG 9.82019-12-17
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.
- CVE-2019-19684HIGHCVSS 8.8EG 8.82019-12-09
nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to upload a crafted Facebook Auth plugin.
- CVE-2019-19745HIGHCVSS 8.8EG 8.82019-12-17
Contao 4.0 through 4.8.5 allows PHP local file inclusion. A back end user with access to the form generator can upload arbitrary files and execute them on the server.
- CVE-2019-19925HIGHCVSS 7.5EG 7.52019-12-24
zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
- CVE-2019-20048HIGHCVSS 7.2EG 7.22019-12-27
An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remote attacker, with elevated privileges in the Web Directory component on port 389, may upload a PHP file to achieve Remote Code Execution as…
- CVE-2019-20183HIGHCVSS 7.2EG 7.22020-01-09
uploadimage.php in Employee Records System 1.0 allows upload and execution of arbitrary PHP code because file-extension validation is only on the client side. The attacker can modify global.js to allow the .php extension.
- CVE-2019-20385HIGHCVSS 8.8EG 8.82020-01-21
The CSV upload feature in /supervisor/procesa_carga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/* content type. The PHP code can then be executed by visiting a /supervisor/csv/ URI.
- CVE-2019-20451CRITICALCVSS 9.8EG 9.82020-02-10
The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containin…
- CVE-2019-20897MEDIUMCVSS 6.5EG 6.52020-07-13
The avatar upload feature in affected versions of Atlassian Jira Server and Data Center allows remote attackers to achieve Denial of Service via a crafted PNG file. The affected versions are before version 8.5.4, from version 8.6.0 before …
- CVE-2019-25138CRITICALCVSS 9.8EG 9.82023-06-07
The User Submitted Posts plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the usp_check_images function in versions up to, and including, 20190312. This makes it possible for unauthenticat…
- CVE-2019-25229HIGHCVSS 8.8EG 8.82025-12-18
An unrestricted file upload vulnerability in Kentico Xperience allows authenticated users with 'Read data' permissions to upload arbitrary file types via MVC form file uploader components. Attackers can manipulate file names and upload pot…
- CVE-2019-25296CRITICALCVSS 9.8EG 9.82026-01-08
The WP Cost Estimation plugin for WordPress is vulnerable to arbitrary file uploads and deletion due to missing file type validation in the lfb_upload_form and lfb_removeFile AJAX actions in versions up to, and including, 9.642. This makes…
- CVE-2019-25580HIGHCVSS 8.2EG 8.22026-03-21
ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the IMG parameter. Attackers can send GET requests to pdfstream.php, imagestream.…
- CVE-2019-25616MEDIUMCVSS 6.2EG 6.22026-03-22
AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string. Attackers can paste a 6000-byte payload into the registration name field to trigger a …
- CVE-2019-25626HIGHCVSS 8.4EG 8.42026-03-24
River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code string. Attackers can craft a buffer c…
- CVE-2019-25627HIGHCVSS 8.4EG 8.42026-03-24
FlexHEX 2.71 contains a local buffer overflow vulnerability in the Stream Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overflow. Attackers can craft a malicious text fi…
- CVE-2019-25673HIGHCVSS 8.8EG 8.82026-04-05
UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by sending multipart form data to the upload endpoint. Attackers can upload P…
- CVE-2019-25714CRITICALCVSS 9.3EG 9.32026-04-21
Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability in the /seeyon/htmlofficeservlet endpoint that allows remote attackers to write arbitrary files to the web application root by sending specially crafted POST reque…
- CVE-2019-25758HIGHCVSS 8.8EG 8.82026-06-19
Joomla! Component vBizz 1.0.7 contains an unrestricted file upload vulnerability that allows authenticated attackers to upload arbitrary PHP files by submitting malicious files through the profile_pic parameter. Attackers can upload PHP fi…
- CVE-2019-3489HIGHCVSS 7.5EG 7.52019-04-01
An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an…
- CVE-2019-3495HIGHCVSS 8.8EG 8.82019-03-21
An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privi…
- CVE-2019-3940CRITICALCVSS 9.8EG 9.82019-04-09
Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. An unauthenticated, remote attacker can use this vulnerability to execute arbitrary code.
- CVE-2019-3960HIGHCVSS 7.2EG 7.22019-07-31
Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file.
- CVE-2019-4013CRITICALCVSS 9.0EG 9.92019-04-10
IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.
- CVE-2019-4056MEDIUMCVSS 4.3EG 4.32019-06-06
IBM Maximo Asset Management 7.6 Work Centers' application does not validate file type upon upload, allowing attackers to upload malicious files. IBM X-Force ID: 156565.
- CVE-2019-4069HIGHCVSS 8.8EG 8.82019-06-07
IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content. IBM X-Force ID: 157014.
- CVE-2019-4130HIGHCVSS 8.8EG 8.82019-12-03
IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 158280.
- CVE-2019-4292HIGHCVSS 8.8EG 8.82019-07-02
IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. IBM X-Force ID: 160698.
- CVE-2019-4612HIGHCVSS 8.8EG 8.82019-12-09
IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further a…
- CVE-2019-5009HIGHCVSS 7.2EG 7.22019-01-04
Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using …
- CVE-2019-5357HIGHCVSS 8.8EG 8.82019-06-05
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
- CVE-2019-5395HIGHCVSS 8.8EG 8.82019-08-09
A remote arbitrary file upload vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
- CVE-2019-6139CRITICALCVSS 9.8EG 9.82019-02-07
Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to …
- CVE-2019-6513MEDIUMCVSS 5.4EG 5.42019-05-21
An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one.
- CVE-2019-6839HIGHCVSS 8.8EG 8.82019-09-17
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-041…
- CVE-2019-7257CRITICALCVSS 10.0EG 10.02019-07-02
Linear eMerge E3-Series devices allow Unrestricted File Upload.
- CVE-2019-7268CRITICALCVSS 10.0EG 10.02019-07-02
Linear eMerge 50P/5000P devices allow Unauthenticated File Upload.
- CVE-2019-7274CRITICALCVSS 9.8EG 9.82019-07-01
Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root.
- CVE-2019-7669HIGHCVSS 8.8EG 8.82019-07-01
Prima Systems FlexAir, Versions 2.3.38 and prior. Improper validation of file extensions when uploading files could allow a remote authenticated attacker to upload and execute malicious applications within the application’s web root with…
- CVE-2019-7684CRITICALCVSS 9.8EG 9.82019-02-09
inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadContr…
- CVE-2019-7721HIGHCVSS 7.5EG 7.52019-02-11
lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters.
- CVE-2019-7816CRITICALCVSS 9.8EG 9.82019-05-24
ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7838CRITICALCVSS 9.8EG 9.82019-06-12
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7861HIGHCVSS 7.5EG 7.52019-08-02
Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2.
- CVE-2019-7912HIGHCVSS 7.2EG 7.22019-08-02
A file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to edit configuration keys to remove file exten…
- CVE-2019-7930HIGHCVSS 7.2EG 7.22019-08-02
A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to the import feature can make modifications to a configura…
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →