CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,072 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 15 of 82
- CVE-2020-25133HIGHCVSS 8.8EG 8.82020-09-25
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an in…
- CVE-2020-25134HIGHCVSS 8.8EG 8.82020-09-25
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an in…
- CVE-2020-25136HIGHCVSS 8.8EG 8.82020-09-25
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an in…
- CVE-2020-25144HIGHCVSS 8.8EG 8.82020-09-25
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an in…
- CVE-2020-25145HIGHCVSS 8.8EG 8.82020-09-25
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an in…
- CVE-2020-25149HIGHCVSS 8.8EG 8.82020-09-25
An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an in…
- CVE-2020-25213CRITICALCVSS 10.0EG 10.0⚠ KEV2020-09-09
The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example,…
- CVE-2020-25287HIGHCVSS 7.2EG 7.22020-09-13
Pligg 2.0.3 allows remote authenticated users to execute arbitrary commands because the template editor can edit any file, as demonstrated by an admin/admin_editor.php the_file=..%2Findex.php&open=Open request.
- CVE-2020-25406HIGHCVSS 7.3EG 7.32020-11-18
app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows users to upload files to upload executable files.
- CVE-2020-25483CRITICALCVSS 9.8EG 9.82020-10-23
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
- CVE-2020-25515HIGHCVSS 7.8EG 7.82020-09-22
Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books.
- CVE-2020-25537CRITICALCVSS 9.8EG 9.82020-11-30
File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission.
- CVE-2020-25733HIGHCVSS 7.5EG 7.52020-09-18
webTareas through 2.1 allows upload of the dangerous .exe and .shtml file types.
- CVE-2020-25763CRITICALCVSS 9.8EG 9.82020-09-30
Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files.
- CVE-2020-25790HIGHCVSS 7.2EG 7.22020-09-19
Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the…
- CVE-2020-26007HIGHCVSS 7.8EG 7.82022-03-20
An arbitrary file upload vulnerability in the upload payment plugin of ShopXO v1.9.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
- CVE-2020-26008HIGHCVSS 7.8EG 7.82022-03-20
The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via uploading a crafted PHP file.
- CVE-2020-26048HIGHCVSS 8.8EG 8.82020-10-05
The file manager option in CuppaCMS before 2019-11-12 allows an authenticated attacker to upload a malicious file within an image extension and through a custom request using the rename function provided by the file manager is able to modi…
- CVE-2020-26174HIGHCVSS 8.8EG 8.82020-12-18
tangro Business Workflow before 1.18.1 requests a list of allowed filetypes from the server and restricts uploads to the filetypes contained in this list. However, this restriction is enforced in the browser (client-side) and can be circum…
- CVE-2020-26252HIGHCVSS 8.7EG 8.72021-01-20
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.6, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to update product…
- CVE-2020-26255MEDIUMCVSS 6.8EG 6.82020-12-08
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.4.5, and Kirby Panel before version 2.5.14 , an editor with full access to the Kirby Panel can upload a PHP .phar file and execute it on the server. This vulnerability is critica…
- CVE-2020-26285HIGHCVSS 8.7EG 8.72021-01-21
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to import/export …
- CVE-2020-26286HIGHCVSS 7.5EG 7.52020-12-29
HedgeDoc is a collaborative platform for writing and sharing markdown. In HedgeDoc before version 1.7.1 an unauthenticated attacker can upload arbitrary files to the upload storage backend including HTML, JS and PHP files. The problem is p…
- CVE-2020-26295HIGHCVSS 8.7EG 8.72021-01-21
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via …
- CVE-2020-26553CRITICALCVSS 9.8EG 9.82020-11-17
An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree.
- CVE-2020-26583MEDIUMCVSS 6.1EG 6.12020-10-16
An issue was discovered in Sage DPW 2020_06_x before 2020_06_002. It allows unauthenticated users to upload JavaScript (in a file) via the expenses claiming functionality. However, to view the file, authentication is required. By exploitin…
- CVE-2020-26629CRITICALCVSS 9.8EG 9.82024-01-10
A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server.
- CVE-2020-26678HIGHCVSS 8.8EG 8.82021-05-26
vFairs 3.3 is affected by Remote Code Execution. Any user logged in to a vFairs virtual conference or event can abuse the functionality to upload a profile picture in order to place a malicious PHP file on the server and gain code executio…
- CVE-2020-26803HIGHCVSS 8.8EG 8.82020-11-12
In Sentrifugo 3.2, users can upload an image under "Assets -> Add" tab. This "Upload Images" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and contro…
- CVE-2020-26804HIGHCVSS 8.8EG 8.82020-11-12
In Sentrifugo 3.2, users can share an announcement under "Organization -> Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestri…
- CVE-2020-26806HIGHCVSS 8.8EG 8.82021-07-31
admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted File Upload of executable JSP files, resulting in remote code execution, because filePath can have directory traversal and fileContent can be valid JSP code.
- CVE-2020-26820HIGHCVSS 7.2EG 7.22020-11-10
SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the file system and upload a malicious file. …
- CVE-2020-26826MEDIUMCVSS 6.5EG 6.52020-12-09
Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload.
- CVE-2020-26828MEDIUMCVSS 6.4EG 6.42020-12-09
SAP Disclosure Management, version - 10.1, provides capabilities for authorized users to upload and download content of specific file type. In some file types it is possible to enter formulas which can call external applications or execute…
- CVE-2020-2730MEDIUMCVSS 5.4EG 5.42020-01-15
Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: File Upload). Supported versions that are affected are 2.7.0.0, 2.7.0.1 and 2.8.0.0. Easily exploit…
- CVE-2020-27386HIGHCVSS 8.8EG 8.82020-11-12
An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary files by using the FileManager to upload malicious code (e.g., ASP code) in the form of a safe file ty…
- CVE-2020-27387HIGHCVSS 8.8EG 8.82020-11-05
An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker (with access to the FileManager) to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManage…
- CVE-2020-27397HIGHCVSS 8.8EG 8.82020-12-23
Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the Hosting web server via uploading a maliciously crafted PHP…
- CVE-2020-27461HIGHCVSS 8.8EG 8.82021-08-20
A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed for 4.7.0. This vulnerability allowed for remote code execution through an authenticated file upload via the Settings Panel>Import website function.
- CVE-2020-27956CRITICALCVSS 9.8EG 9.82020-10-28
An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote code execution via admin/index.php?page=manage_car because .php files can be uploaded to admin/asse…
- CVE-2020-28062HIGHCVSS 7.2EG 7.22022-04-04
An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed in $files = Dir::getList($decompath. '/ Upload/Plugins /, which could let a remote malicious user execute arbitrary code.
- CVE-2020-28063CRITICALCVSS 9.8EG 9.82021-05-13
A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell.
- CVE-2020-28072HIGHCVSS 7.2EG 7.22020-12-15
A Remote Code Execution vulnerability exists in DourceCodester Alumni Management System 1.0. An authenticated attacker can upload arbitrary file in the gallery.php page and executing it on the server reaching the RCE.
- CVE-2020-28088CRITICALCVSS 9.8EG 9.82021-08-06
An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code.
- CVE-2020-28130CRITICALCVSS 9.8EG 9.82020-11-17
An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower/index.php?view=add because .php files can be uploaded to admi…
- CVE-2020-28136HIGHCVSS 8.8EG 8.82020-11-17
An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page.
- CVE-2020-28140CRITICALCVSS 9.8EG 9.82020-11-17
SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image upload feature of Products.php.
- CVE-2020-28165CRITICALCVSS 9.8EG 9.82021-08-12
The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. An attacker can upload arbitrary webshell to the server by using the downloadZipPackage() function.
- CVE-2020-28173HIGHCVSS 7.2EG 7.22021-03-31
Simple College Website 1.0 allows a user to conduct remote code execution via /alumni/admin/ajax.php?action=save_settings when uploading a malicious file using the image upload functionality, which is stored in /alumni/admin/assets/uploads…
- CVE-2020-28328HIGHCVSS 8.8EG 8.82020-11-06
SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled .php file under t…
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →