CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,072 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 19 of 82
- CVE-2021-24284CRITICALCVSS 9.8EG 9.82021-05-14
The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with …
- CVE-2021-24311HIGHCVSS 8.8EG 8.82021-06-01
The wp_ajax_upload-remote-file AJAX action of the External Media WordPress plugin before 1.0.34 was vulnerable to arbitrary file uploads via any authenticated users.
- CVE-2021-24370CRITICALCVSS 9.8EG 9.82021-06-21
The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution.
- CVE-2021-24376CRITICALCVSS 9.8EG 9.82021-06-21
The Autoptimize WordPress plugin before 2.7.8 attempts to delete malicious files (such as .php) form the uploaded archive via the "Import Settings" feature, after its extraction. However, the extracted folders are not checked and it is pos…
- CVE-2021-24490MEDIUMCVSS 6.8EG 6.82021-09-13
The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allow…
- CVE-2021-24493CRITICALCVSS 9.8EG 9.82021-09-13
The shopp_upload_file AJAX action of the Shopp WordPress plugin through 1.4, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of malicious files, such as PHP, allowing u…
- CVE-2021-24499CRITICALCVSS 9.8EG 9.82021-08-09
The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowe…
- CVE-2021-24620HIGHCVSS 8.8EG 8.82021-09-13
The WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin through 2.2.5 does not check for the uploaded Downloadable Digital product file, allowing any file, such as PHP to be uploaded by an administrator. Fu…
- CVE-2021-24663HIGHCVSS 7.2EG 7.22021-09-20
The Simple Schools Staff Directory WordPress plugin through 1.1 does not validate uploaded logo pictures to ensure that are indeed images, allowing high privilege users such as admin to upload arbitrary file like PHP, leading to RCE
- CVE-2021-24947MEDIUMCVSS 6.5EG 6.52022-02-07
The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user, such as subscriber, …
- CVE-2021-24960MEDIUMCVSS 5.4EG 5.42022-03-07
The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, whi…
- CVE-2021-24981HIGHCVSS 7.5EG 7.52021-12-21
The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to Remote File Upload leading to arbitrary PHP shell uploads in the wp-content/plugins directory.
- CVE-2021-25003CRITICALCVSS 9.8EG 9.82022-03-14
The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE
- CVE-2021-25094HIGHCVSS 8.1EG 9.02022-04-25
The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory. By adding a PHP shell with a filename startin…
- CVE-2021-25119HIGHCVSS 7.2EG 7.22022-05-16
The AGIL WordPress plugin through 1.0 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Allowing high privilege users such as admin to upload an arbitrary file like PHP, leading to RCE
- CVE-2021-25200CRITICALCVSS 9.8EG 9.82021-07-30
Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\student_avatar.php.
- CVE-2021-25203CRITICALCVSS 9.8EG 9.82021-07-23
Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\admin_add_post.php.
- CVE-2021-25206CRITICALCVSS 9.8EG 9.82021-07-23
Arbitrary file upload vulnerability in SourceCodester Responsive Ordering System v 1.0 allows attackers to execute arbitrary code via the file upload to Product_model.php.
- CVE-2021-25207CRITICALCVSS 9.8EG 9.82021-07-23
Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.
- CVE-2021-25208CRITICALCVSS 9.8EG 9.82021-07-23
Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php.
- CVE-2021-25210CRITICALCVSS 9.8EG 9.82021-07-22
Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manage_event.php.
- CVE-2021-25211CRITICALCVSS 9.8EG 9.82021-07-22
Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\admin\products\edit.php.
- CVE-2021-25780HIGHCVSS 7.2EG 7.22021-02-17
An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command…
- CVE-2021-26473CRITICALCVSS 9.8EG 9.82021-06-08
In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be execu…
- CVE-2021-26597MEDIUMCVSS 6.5EG 6.52021-03-25
An issue was discovered in Nokia NetAct 18A. A remote user, authenticated to the NOKIA NetAct Web Page, can visit the Site Configuration Tool web site section and arbitrarily upload potentially dangerous files without restrictions via the …
- CVE-2021-26628HIGHCVSS 8.1EG 6.12022-04-26
Insufficient script validation of the admin page enables XSS, which causes unauthorized users to steal admin privileges. When uploading file in a specific menu, the verification of the files is insufficient. It allows remote attackers to u…
- CVE-2021-26634CRITICALCVSS 9.8EG 9.82022-06-02
SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attacker…
- CVE-2021-26642HIGHCVSS 8.8EG 8.82023-01-20
When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute …
- CVE-2021-26740CRITICALCVSS 9.8EG 9.82021-11-01
Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code.
- CVE-2021-26794CRITICALCVSS 9.8EG 9.82021-09-23
Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.
- CVE-2021-26809CRITICALCVSS 9.8EG 9.82021-02-17
PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php.
- CVE-2021-26828HIGHCVSS 8.8EG 9.0⚠ KEV2021-06-11
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.
- CVE-2021-26918CRITICALCVSS 9.8EG 9.82021-02-09
The ProBot bot through 2021-02-08 for Discord might allow attackers to interfere with the intended purpose of the "Send an image when a user joins the server" feature (or possibly have unspecified other impact) because the uploader web ser…
- CVE-2021-27198CRITICALCVSS 9.8EG 9.82021-02-26
An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Jav…
- CVE-2021-27274CRITICALCVSS 9.8EG 9.82021-03-29
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Authentication is not required to exploit this vulnerability. The specific flaw exists wi…
- CVE-2021-27280HIGHCVSS 7.8EG 7.82023-05-08
OS Command injection vulnerability in mblog 3.5.0 allows attackers to execute arbitrary code via crafted theme when it gets selected.
- CVE-2021-27428CRITICALCVSS 9.8EG 9.82022-03-23
GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IE…
- CVE-2021-27459CRITICALCVSS 9.8EG 9.82021-05-20
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could utilize to execute arbitrary code.
- CVE-2021-27489HIGHCVSS 8.8EG 8.82021-06-16
ZOLL Defibrillator Dashboard, v prior to 2.2, The web application allows a non-administrative user to upload a malicious file. This file could allow an attacker to remotely execute arbitrary commands.
- CVE-2021-27513HIGHCVSS 8.8EG 8.82021-02-22
The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."
- CVE-2021-27618MEDIUMCVSS 4.9EG 4.92021-05-11
The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not check the file type extension of the file uploaded from local source. An attacker could craft a malicious file and u…
- CVE-2021-27771HIGHCVSS 8.2EG 7.62022-05-12
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal matter with the Sametime chat application, users hold a cookie containing their session ID …
- CVE-2021-27817CRITICALCVSS 9.8EG 9.82021-03-15
A remote command execution vulnerability in shopxo 1.9.3 allows an attacker to upload malicious code generated by phar where the suffix is JPG, which is uploaded after modifying the phar suffix.
- CVE-2021-27860CRITICALCVSS 9.8EG 9.8⚠ KEV2021-12-08
A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p92 and 10.2.2r44p1 allows a remote, unauthenticated attacker to upload a file to any location on the filesystem. The Fat…
- CVE-2021-27964CRITICALCVSS 9.8EG 9.82021-03-05
SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authentication or session header. There is no check for the file extension …
- CVE-2021-27984HIGHCVSS 8.1EG 8.12021-12-10
In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files.
- CVE-2021-28023CRITICALCVSS 9.8EG 9.82021-11-08
Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths.
- CVE-2021-28173CRITICALCVSS 9.8EG 9.82021-04-06
The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login.
- CVE-2021-28294CRITICALCVSS 9.8EG 9.82021-03-16
Online Ordering System 1.0 is vulnerable to arbitrary file upload through /onlineordering/GPST/store/initiateorder.php, which may lead to remote code execution (RCE).
- CVE-2021-28379HIGHCVSS 8.8EG 8.82021-03-15
web/upload/UploadHandler.php in Vesta Control Panel (aka VestaCP) through 0.9.8-27 and myVesta through 0.9.8-26-39 allows uploads from a different origin.
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →