CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,072 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 20 of 82
- CVE-2021-28428CRITICALCVSS 9.8EG 9.82022-04-05
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. The original file upload vulnerability (CVE-2020-27387) was remediated by restricting the …
- CVE-2021-28931HIGHCVSS 8.8EG 8.82021-07-07
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel.
- CVE-2021-28976HIGHCVSS 7.2EG 7.22021-06-23
Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess.
- CVE-2021-28998HIGHCVSS 7.2EG 7.22023-05-08
File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar file.
- CVE-2021-29022MEDIUMCVSS 5.3EG 5.32021-05-10
In InvoicePlane 1.5.11, the upload feature discloses the full path of the file upload directory.
- CVE-2021-29092HIGHCVSS 8.8EG 8.82021-06-01
Unrestricted upload of file with dangerous type vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary code via unspecified vectors.
- CVE-2021-29281CRITICALCVSS 9.8EG 9.82022-07-07
File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317.
- CVE-2021-29377CRITICALCVSS 9.8EG 9.82021-08-12
Pear Admin Think through 2.1.2 has an arbitrary file upload vulnerability that allows attackers to execute arbitrary code remotely. A .php file can be uploaded via admin.php/index/upload because app/common/service/UploadService.php mishand…
- CVE-2021-29641HIGHCVSS 8.8EG 8.82021-04-07
Directus 8 before 8.8.2 allows remote authenticated users to execute arbitrary code because file-upload permissions include the ability to upload a .php file to the main upload directory and/or upload a .php file and a .htaccess file to a …
- CVE-2021-29699MEDIUMCVSS 6.8EG 6.82021-07-15
IBM Security Verify Access Docker 10.0.0 could allow a remote priviled user to upload arbitrary files with a dangerous file type that could be excuted by an user. IBM X-Force ID: 200600.
- CVE-2021-29891MEDIUMCVSS 4.9EG 4.92022-08-22
IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that may cause it to lose network services. IBM X-Force ID: 207221.
- CVE-2021-29907HIGHCVSS 8.8EG 8.82021-08-31
IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. IBM X-Force ID: 207633.
- CVE-2021-30118CRITICALCVSS 9.8EG 9.82021-07-09
An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management (RMM) 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is v…
- CVE-2021-30149CRITICALCVSS 9.8EG 9.82021-04-06
Composr 10.0.36 allows upload and execution of PHP files.
- CVE-2021-30209MEDIUMCVSS 6.5EG 6.52021-04-15
Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions.
- CVE-2021-3120CRITICALCVSS 9.8EG 9.82021-02-22
An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server.…
- CVE-2021-31207MEDIUMCVSS 6.6EG 9.0⚠ KEV2021-05-11
Microsoft Exchange Server Security Feature Bypass Vulnerability
- CVE-2021-31314CRITICALCVSS 9.8EG 9.82024-01-20
File upload vulnerability in ejinshan v8+ terminal security system allows attackers to upload arbitrary files to arbitrary locations on the server.
- CVE-2021-31599HIGHCVSS 8.8EG 8.82021-11-08
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. A reports (.prpt) file allows the inclusion of BeanShell scripts to ease the production of complex reports. An authenticat…
- CVE-2021-3164HIGHCVSS 8.8EG 8.82021-01-26
ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file via a POST request to resources.php.
- CVE-2021-3166HIGHCVSS 7.5EG 7.52021-01-18
An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices. An attacker can upload arbitrary file content as a firmware update when the filename Settings_DSL-N14U-B1.trx is used. Once this file is loaded, shutdown measures on a wide r…
- CVE-2021-31703CRITICALCVSS 9.8EG 9.82021-05-29
Frontier ichris through 5.18 allows users to upload malicious executable files that might later be downloaded and run by any client user.
- CVE-2021-31707CRITICALCVSS 9.8EG 9.82023-04-04
Permissions vulnerability found in KiteCMS allows a remote attacker to execute arbitrary code via the upload file type.
- CVE-2021-31737CRITICALCVSS 9.8EG 9.82021-05-06
emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerability due to upload of database backup file in admin/data.php.
- CVE-2021-32089CRITICALCVSS 9.8EG 9.82021-05-11
An issue was discovered on Zebra (formerly Motorola Solutions) Fixed RFID Reader FX9500 devices. An unauthenticated attacker can upload arbitrary files to the filesystem that can then be accessed through the web interface. This can lead to…
- CVE-2021-32094HIGHCVSS 8.8EG 8.82021-05-07
U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to upload arbitrary files.
- CVE-2021-32243HIGHCVSS 8.8EG 8.82021-06-16
FOGProject v1.5.9 is affected by a File Upload RCE (Authenticated).
- CVE-2021-32538CRITICALCVSS 9.8EG 9.82021-07-07
ARTWARE CMS parameter of image upload function does not filter the type of upload files which allows remote attackers can upload arbitrary files without logging in, and further execute code unrestrictedly.
- CVE-2021-32594MEDIUMCVSS 5.4EG 5.42021-08-04
An unrestricted file upload vulnerability in the web interface of FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow a low-privileged user to potentially tamper with the underlying sy…
- CVE-2021-32622MEDIUMCVSS 4.2EG 4.22021-05-17
Matrix-React-SDK is a react-based SDK for inserting a Matrix chat/voip client into a web page. Before version 3.21.0, when uploading a file, the local file preview can lead to execution of scripts embedded in the uploaded file. This can on…
- CVE-2021-32630CRITICALCVSS 9.6EG 9.62021-05-20
Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A php web shell can be uploaded via the Documents & Files…
- CVE-2021-32660MEDIUMCVSS 6.8EG 6.82021-06-03
Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. In versions of `@backstage/tehdocs-common` prior to 0.6.4, a malicious internal actor is able to up…
- CVE-2021-32661MEDIUMCVSS 6.8EG 6.82021-06-03
Backstage is an open platform for building developer portals. In versions of Backstage's Techdocs Plugin (`@backstage/plugin-techdocs`) prior to 0.9.5, a malicious internal actor can potentially upload documentation content with malicious …
- CVE-2021-3267HIGHCVSS 7.2EG 7.22023-04-04
File Upload vulnerability found in KiteCMS v.1.1 allows a remote attacker to execute arbitrary code via the uploadFile function.
- CVE-2021-3277HIGHCVSS 7.2EG 7.22021-06-07
Nagios XI 5.7.5 and earlier allows authenticated admins to upload arbitrary files due to improper validation of the rename functionality in custom-includes component, which leads to remote code execution by uploading php files.
- CVE-2021-32955CRITICALCVSS 9.8EG 9.82021-08-30
Delta Electronics DIAEnergie Version 1.7.5 and prior allows unrestricted file uploads, which may allow an attacker to remotely execute code.
- CVE-2021-32961HIGHCVSS 7.5EG 7.52022-04-01
A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an optional parameter, resulting in the processing of a request in a special manner. This can result in the execution of an unzip command and place a ma…
- CVE-2021-33009HIGHCVSS 7.5EG 7.52022-05-13
mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to the file system.
- CVE-2021-33224CRITICALCVSS 9.8EG 9.82023-02-24
File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file.
- CVE-2021-33352CRITICALCVSS 9.8EG 9.82023-03-08
An issue in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via a phar file upload in the ticket message field.
- CVE-2021-33615HIGHCVSS 7.5EG 7.52022-06-02
RSA Archer 6.8.00500.1003 P5 allows Unrestricted Upload of a File with a Dangerous Type.
- CVE-2021-33698HIGHCVSS 8.8EG 8.82021-09-15
SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files) without the proper file format validation.
- CVE-2021-3378CRITICALCVSS 9.8EG 9.82021-02-01
FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-Type: image/png" header to Config/SaveUploadedHotspotLogoFile and then visiting Assets/temp/hotspot/img/logohotspot.asp.
- CVE-2021-33828HIGHCVSS 8.8EG 8.82022-01-15
The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection.
- CVE-2021-33884MEDIUMCVSS 6.5EG 6.52021-08-25
An Unrestricted Upload of File with Dangerous Type vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows remote attackers to upload any files to the /tmp directory of the device through the webpage API. This can result in critical…
- CVE-2021-34074CRITICALCVSS 9.8EG 9.82021-06-25
PandoraFMS <=7.54 allows arbitrary file upload, it leading to remote command execution via the File Manager. To bypass the built-in protection, a relative path is used in the requests.
- CVE-2021-34076HIGHCVSS 8.8EG 8.82023-05-11
File Upload vulnerability in PHPOK 5.7.140 allows remote attackers to run arbitrary code and gain escalated privileges via crafted zip file upload.
- CVE-2021-34128HIGHCVSS 8.8EG 8.82021-06-15
LaikeTui 3.5.0 allows remote authenticated users to execute arbitrary PHP code by using index.php?module=system&action=pay to upload a ZIP archive containing a .php file, as demonstrated by the ../../../../phpinfo.php pathname.
- CVE-2021-34257HIGHCVSS 8.8EG 8.82022-03-31
Multiple Remote Code Execution (RCE) vulnerabilities exist in WPanel 4 4.3.1 and below via a malicious PHP file upload to (1) Dashboard's Avatar image, (2) Posts Folder image, (3) Pages Folder image and (4) Gallery Folder image.
- CVE-2021-34427CRITICALCVSS 9.8EG 9.82021-06-25
In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance.
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →