CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,072 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 26 of 82
- CVE-2022-1952CRITICALCVSS 9.8EG 9.82022-07-11
The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16 suffers from insufficient input validation which leads to arbitrary file upload and subsequently to remote code execution. An AJAX action accessib…
- CVE-2022-2046MEDIUMCVSS 4.9EG 4.92022-08-08
The Directorist WordPress plugin before 7.2.3 allows administrators to download other plugins from the same vendor directly to the site, but does not check the URL domain it gets the zip files from. This could allow administrators to run c…
- CVE-2022-20743MEDIUMCVSS 6.5EG 8.82022-05-03
A vulnerability in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to bypass security protections and upload malicious files to the affected system. This vulner…
- CVE-2022-2102CRITICALCVSS 9.4EG 7.52022-06-24
Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code can be forwarded and used by a script …
- CVE-2022-2111HIGHCVSS 8.8EG 8.82022-06-17
Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2.
- CVE-2022-2128CRITICALCVSS 9.8EG 9.82022-06-20
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.
- CVE-2022-2180CRITICALCVSS 9.8EG 9.82022-08-15
The GREYD.SUITE WordPress theme does not properly validate uploaded custom font packages, and does not perform any authorization or csrf checks, allowing an unauthenticated attacker to upload arbitrary files including php source files, lea…
- CVE-2022-21809HIGHCVSS 8.1EG 8.12022-05-12
A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vuln…
- CVE-2022-2212MEDIUMCVSS 6.3EG 8.82022-06-27
A vulnerability was found in SourceCodester Library Management System 1.0. It has been classified as critical. Affected is an unknown function of the component /card/index.php. The manipulation of the argument image leads to unrestricted u…
- CVE-2022-22375HIGHCVSS 7.2EG 7.22023-10-17
IBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 221681.
- CVE-2022-22392HIGHCVSS 7.8EG 7.82022-04-25
IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.
- CVE-2022-22450LOWCVSS 3.8EG 3.82022-07-14
IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. IBM X-Force ID: 224916.
- CVE-2022-22482MEDIUMCVSS 6.5EG 6.52022-05-17
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow an authenticated user to upload files that could fill up the filesystem and cause a denial of service. IBM X-Force ID: 225977.
- CVE-2022-2268HIGHCVSS 7.2EG 7.22022-07-04
The Import any XML or CSV File to WordPress plugin before 3.6.8 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Allowing high privilege users such as admin to upload an arbitrary fi…
- CVE-2022-22929CRITICALCVSS 9.8EG 9.82022-01-21
MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file.
- CVE-2022-22952CRITICALCVSS 9.1EG 9.12022-03-23
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains a file upload vulnerability. A malicious actor with administrative access to the VMware App Control admin…
- CVE-2022-2297MEDIUMCVSS 6.3EG 8.82022-07-12
A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Affected is an unknown function of the file /pms/update_user.php?user_id=1. The manipulation of the argument profile_pict…
- CVE-2022-23026MEDIUMCVSS 4.3EG 4.32022-01-25
On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, an authenticated user with low privileges, such as a guest, can upload data using an undisclo…
- CVE-2022-23043HIGHCVSS 7.2EG 7.22022-02-24
Zenario CMS 9.2 allows an authenticated admin user to bypass the file upload restriction by creating a new 'File/MIME Types' using the '.phar' extension. Then an attacker can upload a malicious file, intercept the request and change the ex…
- CVE-2022-23048HIGHCVSS 7.2EG 7.22022-02-09
Exponent CMS 2.6.0patch2 allows an authenticated admin user to upload a malicious extension in the format of a ZIP file with a PHP file inside it. After upload it, the PHP file will be placed at "themes/simpletheme/{rce}.php" from where ca…
- CVE-2022-23050HIGHCVSS 7.2EG 7.22022-05-24
ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' functionality.
- CVE-2022-23155HIGHCVSS 7.2EG 7.22022-04-01
Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges can exploit this vulnerability in order to execute arbitrary code on the system.
- CVE-2022-23315CRITICALCVSS 9.8EG 9.82022-01-21
MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnerability via the component /ms/template/writeFileContent.do.
- CVE-2022-23329CRITICALCVSS 9.8EG 9.82022-02-04
A vulnerability in ${"freemarker.template.utility.Execute"?new() of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files.
- CVE-2022-23346HIGHCVSS 8.8EG 8.82022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues.
- CVE-2022-23375HIGHCVSS 8.8EG 8.82022-02-19
WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php.
- CVE-2022-23390CRITICALCVSS 9.8EG 9.82022-02-14
An issue in the getType function of BBS Forum v5.3 and below allows attackers to upload arbitrary files.
- CVE-2022-2356HIGHCVSS 8.8EG 8.82022-08-08
The Frontend File Manager & Sharing WordPress plugin before 1.1.3 does not filter file extensions when letting users upload files on the server, which may lead to malicious code being uploaded.
- CVE-2022-23880CRITICALCVSS 9.8EG 9.82022-03-23
An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2022-23906HIGHCVSS 7.2EG 7.22022-02-28
CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution (RCE) vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file.
- CVE-2022-24136CRITICALCVSS 9.8EG 9.82022-03-31
Hospital Management System v1.0 is affected by an unrestricted upload of dangerous file type vulerability in treatmentrecord.php. To exploit, an attacker can upload any PHP file, and then execute it.
- CVE-2022-2418HIGHCVSS 8.0EG 8.02022-07-15
A vulnerability was found in URVE Web Manager. It has been classified as critical. This affects an unknown part of the file kreator.html5/img_upload.php. The manipulation leads to unrestricted upload. Access to the local network is require…
- CVE-2022-2419HIGHCVSS 8.0EG 8.02022-07-15
A vulnerability was found in URVE Web Manager. It has been declared as critical. This vulnerability affects unknown code of the file _internal/collector/upload.php. The manipulation leads to unrestricted upload. Access to the local network…
- CVE-2022-2420HIGHCVSS 8.0EG 8.02022-07-15
A vulnerability was found in URVE Web Manager. It has been rated as critical. This issue affects some unknown processing of the file _internal/uploader.php. The manipulation leads to unrestricted upload. The attack needs to be approached w…
- CVE-2022-24239CRITICALCVSS 9.8EG 9.82022-06-02
ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted file upload vulnerability via attachments.awp.
- CVE-2022-24251HIGHCVSS 8.8EG 8.82022-03-01
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload function.
- CVE-2022-24252HIGHCVSS 8.8EG 8.82022-03-01
An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file.
- CVE-2022-24253HIGHCVSS 8.8EG 8.82022-03-01
Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet.
- CVE-2022-24254HIGHCVSS 8.8EG 8.82022-03-01
An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file.
- CVE-2022-24262HIGHCVSS 8.8EG 7.82022-02-04
The config restore function of Voipmonitor GUI before v24.96 does not properly check files sent as restore archives, allowing remote attackers to execute arbitrary commands via a crafted file in the web root.
- CVE-2022-24387CRITICALCVSS 9.1EG 7.22022-03-14
With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010
- CVE-2022-24553CRITICALCVSS 9.8EG 9.82022-02-21
An issue was found in Zfaka <= 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution.
- CVE-2022-24581HIGHCVSS 7.5EG 7.52022-06-02
ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password ha…
- CVE-2022-24651CRITICALCVSS 9.8EG 9.82022-03-10
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload.
- CVE-2022-24652CRITICALCVSS 9.8EG 9.82022-03-10
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload.
- CVE-2022-24676HIGHCVSS 8.8EG 8.82022-02-09
update_code in Admin.php in HYBBS2 through 2.3.2 allows arbitrary file upload via a crafted ZIP archive.
- CVE-2022-24688HIGHCVSS 8.8EG 8.82022-07-18
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The Touch settings allow unrestricted file upload (and consequently Remote Code Execution) via PDF upload with PHP content and a .php extension. The attacker must hijack or o…
- CVE-2022-24749MEDIUMCVSS 6.1EG 6.12022-03-14
Sylius is an open source eCommerce platform. In versions prior to 1.9.10, 1.10.11, and 1.11.2, it is possible to upload an SVG file containing cross-site scripting (XSS) code in the admin panel. In order to perform a XSS attack, the file i…
- CVE-2022-24837MEDIUMCVSS 5.3EG 5.32022-04-11
HedgeDoc is an open-source, web-based, self-hosted, collaborative markdown editor. Images uploaded with HedgeDoc version 1.9.1 and later have an enumerable filename after the upload, resulting in potential information leakage of uploaded d…
- CVE-2022-24984CRITICALCVSS 9.8EG 9.82022-02-16
Forms generated by JQueryForm.com before 2022-02-05 (if file-upload capability is enabled) allow remote unauthenticated attackers to upload executable files and achieve remote code execution. This occurs because file-extension checks occur…
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →