CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,072 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 23 of 82
- CVE-2021-40905HIGHCVSS 8.8EG 8.82022-03-25
The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. Successful exploitation req…
- CVE-2021-40940CRITICALCVSS 9.8EG 9.82022-06-15
Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability.
- CVE-2021-40954CRITICALCVSS 9.8EG 9.82022-06-23
Laiketui 3.5.0 is affected by an arbitrary file upload vulnerability that can allow an attacker to execute arbitrary code.
- CVE-2021-4096HIGHCVSS 8.8EG 8.82022-04-19
The Fancy Product Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery via the FPD_Admin_Import class that makes it possible for attackers to upload malicious files that could be used to gain webshell access to a serve…
- CVE-2021-41178HIGHCVSS 8.8EG 8.82021-10-25
Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images from the host system, including user prov…
- CVE-2021-41231HIGHCVSS 7.2EG 7.22023-01-27
OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 1…
- CVE-2021-41290CRITICALCVSS 9.8EG 9.82021-09-30
ECOA BAS controller suffers from an arbitrary file write and path traversal vulnerability. Using the POST parameters, unauthenticated attackers can remotely set arbitrary values for location and content type and gain the possibility to exe…
- CVE-2021-41421MEDIUMCVSS 4.8EG 4.82022-06-16
A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel.
- CVE-2021-41550HIGHCVSS 7.2EG 7.22022-01-18
Leostream Connection Broker 9.0.40.17 allows administrator to upload and execute Perl code.
- CVE-2021-41560CRITICALCVSS 9.8EG 9.82021-12-15
OpenCATS through 0.9.6 allows remote attackers to execute arbitrary code by uploading an executable file via lib/FileUtility.php.
- CVE-2021-41566CRITICALCVSS 9.8EG 9.82021-10-08
The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in.
- CVE-2021-41643CRITICALCVSS 9.8EG 9.82021-10-29
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field.
- CVE-2021-41644CRITICALCVSS 9.8EG 9.82021-10-29
Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters.
- CVE-2021-41645HIGHCVSS 8.8EG 8.82021-10-29
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field. .
- CVE-2021-41646CRITICALCVSS 9.8EG 9.82021-10-29
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters..
- CVE-2021-41675HIGHCVSS 7.2EG 7.22021-10-29
A Remote Code Execution (RCE) vulnerabilty exists in Sourcecodester E-Negosyo System 1.0 in /admin/produts/controller.php via the doInsert function, which validates images with getImageSizei. .
- CVE-2021-41745CRITICALCVSS 9.8EG 9.82021-10-22
ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.
- CVE-2021-41833CRITICALCVSS 9.8EG 9.82021-11-11
Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to unauthenticated remote code execution.
- CVE-2021-41870HIGHCVSS 8.8EG 8.82021-12-15
An issue was discovered in the firmware update form in Socomec REMOTE VIEW PRO 2.0.41.4. An authenticated attacker can bypass a client-side file-type check and upload arbitrary .php files.
- CVE-2021-41919HIGHCVSS 8.8EG 8.82021-10-08
webTareas version 2.4 and earlier allows an authenticated user to arbitrarily upload potentially dangerous files without restrictions. This is working by adding or replacing a personal profile picture. The affected endpoint is /includes/up…
- CVE-2021-41921CRITICALCVSS 9.8EG 9.82022-04-28
novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and contents can lead to server attacks and arbitrary code execution.
- CVE-2021-41938HIGHCVSS 7.2EG 7.22022-05-19
An issue was discovered in ShopXO CMS 2.2.0. After entering the management page, there is an arbitrary file upload vulnerability in three locations.
- CVE-2021-42099CRITICALCVSS 9.8EG 9.82021-11-30
Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file-upload remote code execution.
- CVE-2021-42123HIGHCVSS 7.3EG 7.32021-11-30
Unrestricted File Upload in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 in the File Upload Functions allows an authenticated remote attacker with Upload privileges to upload files with…
- CVE-2021-42125HIGHCVSS 8.8EG 8.82021-12-07
An unrestricted file upload vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to write dangerous files.
- CVE-2021-42133HIGHCVSS 8.1EG 8.12021-12-07
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with access to the Inforail Service to perform an arbitrary file write.
- CVE-2021-42171HIGHCVSS 7.2EG 7.22022-03-14
Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local v…
- CVE-2021-4225HIGHCVSS 8.8EG 8.82022-04-25
The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. The plugin attempts to prevent PHP and other similar files that could be executed on the server from being…
- CVE-2021-42342CRITICALCVSS 9.8EG 9.82021-10-14
An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables int…
- CVE-2021-42362HIGHCVSS 8.8EG 8.82021-11-17
The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and a…
- CVE-2021-42645CRITICALCVSS 10.0EG 10.02022-05-10
CMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnerability. To exploit this vulnerability, an attacker must use the "File" parameter to upload a PHP payload to get a reverse shell from the vulnerable host.
- CVE-2021-42654CRITICALCVSS 9.8EG 9.82022-05-24
SiteServer CMS < V5.1 is affected by an unrestricted upload of a file with dangerous type (getshell), which could be used to execute arbitrary code.
- CVE-2021-42669CRITICALCVSS 9.8EG 9.82021-11-05
A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboard_teacher.php, which allows changing the avatar through teacher_avatar.php. Once an avatar gets uploaded it is getting uploaded to the /admin/u…
- CVE-2021-42675CRITICALCVSS 9.8EG 9.82022-06-14
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution.
- CVE-2021-42839HIGHCVSS 8.8EG 8.82021-11-15
Grand Vice info Co. webopac7 file upload function fails to filter special characters. While logging in with general user’s permission, remote attackers can upload malicious script and execute arbitrary code to control the system or inter…
- CVE-2021-42840HIGHCVSS 8.8EG 8.82021-10-22
SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled PHP file under the web root…
- CVE-2021-42967CRITICALCVSS 9.8EG 9.82022-05-13
Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows allows an attacker to upload malicious JSP files.
- CVE-2021-43098HIGHCVSS 7.2EG 7.22022-03-28
A File Upload vulnerability exists in bbs v5.3 via QuestionManageAction.java in a getType function.
- CVE-2021-43100HIGHCVSS 7.2EG 7.22022-03-28
A File Upload vulnerability exists in bbs 5.3 is via TopicManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
- CVE-2021-43101HIGHCVSS 7.2EG 7.22022-03-28
A File Upload vulnerability exists in bbs 5.3 is via MembershipCardManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
- CVE-2021-43102HIGHCVSS 7.2EG 7.22022-03-28
A File Upload vulnerability exists in bbs 5.3 is via HelpManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
- CVE-2021-43103HIGHCVSS 7.2EG 7.22022-03-28
A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
- CVE-2021-43117CRITICALCVSS 9.8EG 9.82021-12-13
fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access.
- CVE-2021-43258HIGHCVSS 8.8EG 8.82022-11-23
CartView.php in ChurchInfo 1.3.0 allows attackers to achieve remote code execution through insecure uploads. This requires authenticated access tot he ChurchInfo application. Once authenticated, a user can add names to their cart, and comp…
- CVE-2021-4330HIGHCVSS 8.8EG 8.82023-03-07
The Envato Elements & Download and Template Kit – Import plugins for WordPress are vulnerable to arbitrary file uploads due to insufficient validation of file type upon extracting uploaded Zip files in the installFreeTemplateKit and uplo…
- CVE-2021-43421CRITICALCVSS 9.8EG 9.82022-04-07
A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.
- CVE-2021-43430HIGHCVSS 8.8EG 8.82022-04-07
An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files.
- CVE-2021-4354HIGHCVSS 8.8EG 8.82023-06-07
The PWA for WP & AMP for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pwaforwp_splashscreen_uploader function in versions up to, and including, 1.7.32. This makes it possible for authenticate…
- CVE-2021-43617CRITICALCVSS 9.8EG 9.82021-11-14
Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on…
- CVE-2021-4382HIGHCVSS 8.8EG 8.82023-06-07
The Recently plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the fetch_external_image() function in versions up to, and including, 3.0.4. This makes it possible for authenticated attacker…
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →