CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,071 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 7 of 82
- CVE-2018-25258HIGHCVSS 8.4EG 8.42026-04-12
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language…
- CVE-2018-25388HIGHCVSS 8.8EG 8.82026-05-29
HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by bypassing file type validation. Attackers can upload PHP files through multiple endpoints including aksi_foto.php…
- CVE-2018-25409HIGHCVSS 8.8EG 8.82026-05-30
SIM-PKH 2.4.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by submitting PHP code through the fupload parameter. Attackers can upload PHP files via the aksi_pengurus.php endp…
- CVE-2018-25436CRITICALCVSS 9.8EG 9.82026-06-15
WordPress Plugin Baggage Freight Shipping Australia 0.1.0 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files by exploiting the upload-package.php endpoint. Attackers can submi…
- CVE-2018-3758HIGHCVSS 8.8EG 8.82018-06-07
Unrestricted file upload (RCE) in express-cart module before 1.1.7 allows a privileged user to gain access in the hosting machine.
- CVE-2018-3814HIGHCVSS 8.8EG 8.82018-01-01
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php …
- CVE-2018-3832CRITICALCVSS 9.0EG 9.02018-08-23
An exploitable firmware update vulnerability exists in Insteon Hub running firmware version 1013. The HTTP server allows for uploading arbitrary MPFS binaries that could be modified to enable access to hidden resources which allow for uplo…
- CVE-2018-4063HIGHCVSS 8.8EG 9.0⚠ KEV2019-05-06
An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routa…
- CVE-2018-4834CRITICALCVSS 9.8EG 9.82018-01-24
A vulnerability has been identified in Desigo PXC00-E.D V4.10 (All versions < V4.10.111), Desigo PXC00-E.D V5.00 (All versions < V5.0.171), Desigo PXC00-E.D V5.10 (All versions < V5.10.69), Desigo PXC00-E.D V6.00 (All versions < V6.0.204),…
- CVE-2018-4921MEDIUMCVSS 6.1EG 6.12018-05-19
Adobe Connect versions 9.7 and earlier have an exploitable unrestricted SWF file upload vulnerability. Successful exploitation could lead to information disclosure.
- CVE-2018-5204CRITICALCVSS 9.8EG 9.82018-12-28
ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for cod…
- CVE-2018-5724CRITICALCVSS 9.8EG 9.82018-01-16
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi.
- CVE-2018-5749CRITICALCVSS 9.8EG 9.82018-01-23
install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to ex…
- CVE-2018-5997CRITICALCVSS 9.8EG 9.82018-01-25
An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to rem…
- CVE-2018-6152CRITICALCVSS 9.6EG 9.62018-12-04
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extens…
- CVE-2018-6411CRITICALCVSS 9.8EG 9.82018-05-26
An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a blacklist, it automatically adds dangerous extensions to the filters. If the filter is set to a whitelist, the dangerous extensions can be bypassed…
- CVE-2018-6580CRITICALCVSS 9.8EG 9.82018-02-02
Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request.
- CVE-2018-6860HIGHCVSS 8.8EG 8.82018-02-12
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.
- CVE-2018-7217HIGHCVSS 8.8EG 8.82018-02-18
In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to comprom…
- CVE-2018-7316CRITICALCVSS 9.8EG 9.82018-02-22
Arbitrary File Upload exists in the Proclaim 9.1.1 component for Joomla! via a mediafileform action.
- CVE-2018-7505CRITICALCVSS 9.8EG 9.82018-05-15
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a TFTP applicat…
- CVE-2018-7562HIGHCVSS 7.5EG 7.52018-03-12
A remote code execution issue was discovered in GLPI through 9.2.1. There is a race condition that allows temporary access to an uploaded executable file that will be disallowed. The application allows an authenticated user to upload a fil…
- CVE-2018-7567HIGHCVSS 7.2EG 7.22018-03-04
In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embe…
- CVE-2018-7665CRITICALCVSS 9.8EG 9.82018-03-05
An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.
- CVE-2018-7836CRITICALCVSS 9.8EG 9.82018-12-24
An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.
- CVE-2018-8766CRITICALCVSS 9.8EG 9.82018-03-18
joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/admin_vod.php?action=add.
- CVE-2018-8944CRITICALCVSS 9.8EG 9.82018-03-22
PHPOK 4.8.338 has an arbitrary file upload vulnerability.
- CVE-2018-9037HIGHCVSS 8.8EG 8.82018-04-10
Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files.
- CVE-2018-9153HIGHCVSS 7.2EG 7.22018-04-16
The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the app_id parameter to zb_users/plugin/AppCentre/plugin_edit.php because of an unanchored regular expression, a different vulnerabili…
- CVE-2018-9156HIGHCVSS 7.5EG 7.52018-04-01
An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, whi…
- CVE-2018-9157HIGHCVSS 7.5EG 7.52018-04-01
An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, w…
- CVE-2018-9206CRITICALCVSS 9.8EG 9.82018-10-11
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
- CVE-2018-9207CRITICALCVSS 9.8EG 9.82018-11-19
Arbitrary file upload in jQuery Upload File <= 4.0.2
- CVE-2018-9208CRITICALCVSS 9.8EG 9.82018-11-05
Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta
- CVE-2018-9209CRITICALCVSS 9.8EG 9.82018-11-19
Unauthenticated arbitrary file upload vulnerability in FineUploader php-traditional-server <= v1.2.2
- CVE-2019-0017MEDIUMCVSS 6.5EG 8.82019-01-15
The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juniper Networks Junos …
- CVE-2019-0259CRITICALCVSS 9.8EG 9.82019-02-15
SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation.
- CVE-2019-0327HIGHCVSS 7.2EG 7.22019-07-10
SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper …
- CVE-2019-10012HIGHCVSS 7.5EG 7.52019-03-25
Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the MoxieManager (for .NET) plugin before 2.1.4 in the moxiemanager directory…
- CVE-2019-1010062CRITICALCVSS 9.8EG 9.82019-07-16
PluckCMS 4.7.4 and earlier is affected by: CWE-434 Unrestricted Upload of File with Dangerous Type. The impact is: get webshell. The component is: data/inc/images.php line36. The attack vector is: modify the MIME TYPE on HTTP request to up…
- CVE-2019-1010123HIGHCVSS 7.5EG 7.52019-07-23
MODX Revolution Gallery 1.7.0 is affected by: CWE-434: Unrestricted Upload of File with Dangerous Type. The impact is: Creating file with custom a filename and content. The component is: Filtering user parameters before passing them into p…
- CVE-2019-1010209HIGHCVSS 7.5EG 7.52019-07-23
GoUrl.io GoURL Wordpress Plugin 1.4.13 and earlier is affected by: CWE-434. The impact is: unauthenticated/unzuthorized Attacker can upload executable file in website. The component is: gourl.php#L5637. The fixed version is: 1.4.14.
- CVE-2019-10267HIGHCVSS 8.8EG 8.82019-07-26
An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to upload a file into any directory of the server. One can insert a JSP shell into the web server's directory and execute …
- CVE-2019-10276CRITICALCVSS 9.8EG 9.82019-03-29
Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify.php URI, as demonstrated by a .php file with the image/jpeg content type.
- CVE-2019-10478HIGHCVSS 7.2EG 7.22019-04-05
An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. An unrestricted file upload vulnerability in the Front Circle Controller glytoolcgi/settingfile_upload.cgi allows attackers to upload supplied data. This can …
- CVE-2019-10647CRITICALCVSS 9.8EG 9.82019-03-30
ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source[] parameter because of a lack of inc/zzz_file.php restrictions. For example, sourc…
- CVE-2019-10652HIGHCVSS 7.2EG 7.22019-03-30
An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote authenticated administrators to upload arbitrary .php files, related to the addons feature.
- CVE-2019-10869HIGHCVSS 8.1EG 8.12019-05-07
Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the i…
- CVE-2019-10930HIGHCVSS 7.5EG 7.52019-07-11
A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions ), DIGSI 5 engineering software (All versions < V7.90), SIPROTEC 5 d…
- CVE-2019-10935HIGHCVSS 7.2EG 7.22019-07-11
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V…
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →