VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

Abstraction: Base | Status: Draft | Likelihood: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669)

  • CVE-2017-11357 (Critical, KEV) Aug 23, 2017
    risk 0.91, cvss 9.8, epss 0.76

    Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.

  • CVE-2018-15961 (Critical, KEV) Sep 25, 2018
    risk 0.87, cvss 9.8, epss 1.00

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.

  • CVE-2017-12615 (High, KEV) Sep 19, 2017
    risk 0.82, cvss 8.1, epss 1.00

    When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and…

  • CVE-2016-3088 (Critical, KEV) Jun 1, 2016
    risk 0.80, cvss 9.8, epss 0.99

    The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.

  • CVE-2024-7399 (High, KEV) Aug 12, 2024
    risk 0.78, cvss 8.8, epss 0.92

    Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

  • CVE-2013-10066 (Critical) Aug 5, 2025
    risk 0.75, cvss n/a, epss 0.01

    An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint (users_add.php) that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code…

  • CVE-2012-10026 (Critical) Aug 5, 2025
    risk 0.75, cvss n/a, epss 0.01

    The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary file upload vulnerability in upload.php. The endpoint fails to properly validate and restrict uploaded file types, allowing remote attackers to upload malicious PHP scripts to a…

  • CVE-2012-10044 (Critical) Aug 8, 2025
    risk 0.74, cvss n/a, epss 0.02

    MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php script. The application fails to perform authentication or authorization checks before invoking file_put_contents() on attacker-controlled input. An unauthenticated attacker can…

  • CVE-2025-34077 (Critical) Jul 9, 2025
    risk 0.74, cvss n/a, epss 0.10

    An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the…

  • CVE-2024-42640 (Critical) Oct 11, 2024
    risk 0.74, cvss 9.8, epss 0.44

    angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to…

  • CVE-2009-20011 (Critical) Aug 30, 2025
    risk 0.73, cvss n/a, epss 0.01

    ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 are vulnerable to remote command execution due to insecure handling of file uploads via the mimencode CGI utility. The vulnerability allows unauthenticated attackers to upload and execute…

  • CVE-2015-8249 (Critical) Sep 28, 2017
    risk 0.73, cvss 9.8, epss 0.74

    The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter.

  • CVE-2017-9101 (Critical) May 21, 2017
    risk 0.73, cvss 9.8, epss 0.77

    import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file.

  • CVE-2026-32985 (Critical) Mar 20, 2026
    risk 0.72, cvss 9.8, epss 0.01

    Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import functionality that allows remote attackers to execute arbitrary code by uploading a crafted ZIP archive containing malicious PHP payloads.…

  • CVE-2024-43160 (Critical) Aug 13, 2024
    risk 0.72, cvss 10.0, epss 0.05

    Unrestricted Upload of File with Dangerous Type vulnerability in BerqWP allows Code Injection. This issue affects BerqWP: from n/a through 1.7.6.

  • CVE-2023-51409 (Critical) Apr 12, 2024
    risk 0.72, cvss 10.0, epss 0.63

    Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot. This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98.

  • CVE-2013-10043 (Critical) Jul 31, 2025
    risk 0.71, cvss n/a, epss 0.02

    A vulnerability exists in OAstium VoIP PBX astium-confweb-2.1-25399 and earlier, where improper input validation in the logon.php script allows an attacker to bypass authentication via SQL injection. Once authenticated as an administrator, the attacker can upload arbitrary PHP…

  • CVE-2024-2667 (Critical) May 2, 2024
    risk 0.71, cvss 9.8, epss 0.06

    The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it…

  • CVE-2023-48777 (Critical) Mar 26, 2024
    risk 0.71, cvss 9.9, epss 0.04

    Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder. This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1.

  • CVE-2020-36705 (Critical) Jun 7, 2023
    risk 0.71, cvss 9.8, epss 0.07

    The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the _ning_upload_image function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on…