CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,074 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 31 of 82
- CVE-2022-40035HIGHCVSS 8.8EG 8.82023-01-26
File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.
- CVE-2022-40037CRITICALCVSS 9.8EG 9.82023-01-26
An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile.
- CVE-2022-40048HIGHCVSS 7.2EG 7.22022-09-29
Flatpress v1.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the Upload File function.
- CVE-2022-40050CRITICALCVSS 9.8EG 9.82022-09-26
ZFile v4.1.1 was discovered to contain an arbitrary file upload vulnerability via the component /file/upload/1.
- CVE-2022-40087CRITICALCVSS 9.8EG 9.82022-09-22
Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function file_put_contents(). This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2022-40200CRITICALCVSS 9.9EG 8.82022-11-17
Auth. (subscriber+) Arbitrary File Upload vulnerability in wpForo Forum plugin <= 2.0.9 on WordPress.
- CVE-2022-40217MEDIUMCVSS 6.5EG 7.22022-09-21
Authenticated (admin+) Arbitrary File Edit/Upload vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress.
- CVE-2022-40341HIGHCVSS 8.8EG 8.82022-09-30
mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file.
- CVE-2022-40407HIGHCVSS 8.8EG 8.82022-09-29
A zip slip vulnerability in the file upload function of Chamilo v1.11 allows attackers to execute arbitrary code via a crafted Zip file.
- CVE-2022-40431CRITICALCVSS 9.8EG 9.82022-09-19
The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0.
- CVE-2022-40432CRITICALCVSS 9.8EG 9.82022-09-19
The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0.
- CVE-2022-4047CRITICALCVSS 9.8EG 9.82022-12-26
The Return Refund and Exchange For WooCommerce WordPress plugin before 4.0.9 does not validate attachment files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files such as …
- CVE-2022-40471CRITICALCVSS 9.8EG 9.82022-10-31
Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php
- CVE-2022-4061HIGHCVSS 7.5EG 7.52022-12-19
The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP.
- CVE-2022-40721CRITICALCVSS 9.8EG 9.82022-10-03
Arbitrary file upload vulnerability in php uploader
- CVE-2022-40777HIGHCVSS 8.8EG 8.82022-10-11
Interspire Email Marketer through 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/ URI. NOTE: this issue exis…
- CVE-2022-40797CRITICALCVSS 9.8EG 9.82022-11-09
Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default FORBIDDEN_UPLOADS value in conf.json only blocks .php, .php4, and .php5 files. (Visiting any .phar file invokes the PHP interpreter in some realistic w…
- CVE-2022-40878HIGHCVSS 8.8EG 8.82022-09-27
In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE).
- CVE-2022-40886HIGHCVSS 7.2EG 7.22022-10-03
DedeCMS 5.7.98 has a file upload vulnerability in the background.
- CVE-2022-40896MEDIUMCVSS 5.5EG 5.52023-07-19
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer.
- CVE-2022-40921HIGHCVSS 7.2EG 7.22022-10-12
DedeCMS V5.7.99 was discovered to contain an arbitrary file upload vulnerability via the component /dede/file_manage_control.php.
- CVE-2022-40924HIGHCVSS 7.2EG 7.22022-09-26
Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_animal" file of the "Animals" module in the background management system.
- CVE-2022-40925HIGHCVSS 7.2EG 7.22022-09-26
Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_event" file of the "Events" module in the background management system.
- CVE-2022-40932HIGHCVSS 7.2EG 7.22022-09-22
In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the "gallery" file of the "Gallery" module in the background management system.
- CVE-2022-40981MEDIUMCVSS 5.9EG 10.02022-11-10
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful exis…
- CVE-2022-41217CRITICALCVSS 9.8EG 9.82023-02-22
Cloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage.
- CVE-2022-41267CRITICALCVSS 9.9EG 8.82022-12-13
SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the…
- CVE-2022-41352CRITICALCVSS 9.8EG 9.8⚠ KEV2022-09-26
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to an…
- CVE-2022-41379HIGHCVSS 7.2EG 7.22022-10-07
An arbitrary file upload vulnerability in the component /leave_system/classes/Users.php?f=save of Online Leave Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2022-41380CRITICALCVSS 9.8EG 9.82022-10-11
The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.
- CVE-2022-41381CRITICALCVSS 9.8EG 9.82022-10-11
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.
- CVE-2022-41382CRITICALCVSS 9.8EG 9.82022-10-11
The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.
- CVE-2022-41383CRITICALCVSS 9.8EG 9.82022-10-11
The d8s-archives package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.
- CVE-2022-41384CRITICALCVSS 9.8EG 9.82022-10-11
The d8s-domains package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.
- CVE-2022-41385CRITICALCVSS 9.8EG 9.82022-10-11
The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.
- CVE-2022-41386CRITICALCVSS 9.8EG 9.82022-10-11
The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.
- CVE-2022-41387CRITICALCVSS 9.8EG 9.82022-10-11
The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0.
- CVE-2022-41406HIGHCVSS 7.2EG 7.22022-10-12
An arbitrary file upload vulnerability in the /admin/admin_pic.php component of Church Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2022-41437HIGHCVSS 7.2EG 7.22022-09-30
Billing System Project v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/createProduct.php.
- CVE-2022-41504HIGHCVSS 7.2EG 7.22022-10-18
An arbitrary file upload vulnerability in the component /php_action/editProductImage.php of Billing System Project v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2022-41512HIGHCVSS 7.2EG 7.22022-10-07
An arbitrary file upload vulnerability in the component /php_action/editFile.php of Online Diagnostic Lab Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2022-41533HIGHCVSS 7.2EG 7.22022-10-13
Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted P…
- CVE-2022-41534HIGHCVSS 7.2EG 7.22022-10-13
Online Diagnostic Lab Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /php_action/createOrder.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP fi…
- CVE-2022-41537HIGHCVSS 7.2EG 7.22022-10-18
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /user_operations/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP …
- CVE-2022-41538HIGHCVSS 8.8EG 8.82022-10-14
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /Wedding-Management-PHP/admin/photos_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2022-41539HIGHCVSS 8.8EG 8.82022-10-14
Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /admin/users_add.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
- CVE-2022-41573CRITICALCVSS 9.8EG 9.82025-01-07
An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading of executable files. A user can upload a .png file containing PHP code and then rename it to have the .php extension. It will then be accessib…
- CVE-2022-41681CRITICALCVSS 9.9EG 8.82022-10-31
There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the SCORM importer feature. The exploitation …
- CVE-2022-41705CRITICALCVSS 9.8EG 9.82022-11-25
Badaso version 2.6.3 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users.
- CVE-2022-41711CRITICALCVSS 9.8EG 9.82022-10-25
Badaso version 2.6.0 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users.
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →