CWE-434
Unrestricted Upload of File with Dangerous Type
Description
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-1
CVEs mapped to this weakness (1,669)
page 31 of 84| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-48734 | Hig | 0.58 | 8.8 | 0.01 | Oct 30, 2024 | Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{InternalPath} in SAS Studio 9.4 allows remote attacker to upload malicious files. NOTE: this is disputed by the vendor because file upload is allowed for authorized users. | ||
| CVE-2024-6315 | Hig | 0.58 | 8.8 | 0.01 | Aug 6, 2024 | The Blox Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handleUploadFile' function in all versions up to, and including, 1.0.65. This makes it possible for authenticated attackers, with contributor-level and… | ||
| CVE-2024-6431 | Hig | 0.58 | 8.8 | 0.01 | Jul 27, 2024 | The Media.net Ads Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and missing capability check in the 'sendMail' function in all versions up to, and including, 2.10.13. This makes it possible for authenticated attackers,… | ||
| CVE-2023-7061 | Hig | 0.58 | 8.8 | 0.01 | Jul 10, 2024 | The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers with contributor access or above to upload arbitrary files on the affected site's… | ||
| CVE-2024-6161 | Hig | 0.58 | 8.8 | 0.01 | Jul 9, 2024 | The Default Thumbnail Plus plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'get_cache_image' function in all versions up to, and including, 1.0.2.3. This makes it possible for authenticated attackers, with contributor-level… | ||
| CVE-2024-6054 | Hig | 0.58 | 8.8 | 0.01 | Jun 27, 2024 | The Auto Featured Image plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'create_post_attachment_from_url' function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with… | ||
| CVE-2024-5853 | Cri | 0.58 | 9.9 | 0.01 | Jun 19, 2024 | The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sirv_upload_file_by_chanks AJAX action in all versions up to, and including, 7.2.6. This makes it possible for authenticated… | ||
| CVE-2024-4345 | Cri | 0.58 | 9.8 | 0.01 | May 7, 2024 | The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'process' function in the 'startklarDropZoneUploadProcess' class in versions up to, and including, 1.7.13. This makes it possible for… | ||
| CVE-2024-4033 | Hig | 0.58 | 8.8 | 0.02 | May 2, 2024 | The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the aiovg_create_attachment_from_external_image_url function in all versions up to, and including, 3.6.4. This makes it possible for authenticated… | ||
| CVE-2024-3962 | Cri | 0.58 | 9.8 | 0.01 | Apr 26, 2024 | The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to… | ||
| CVE-2024-24809 | Hig | 0.58 | 8.5 | 0.54 | Apr 10, 2024 | Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account… | ||
| CVE-2024-1205 | Hig | 0.58 | 8.8 | 0.01 | Mar 20, 2024 | The Management App for WooCommerce – Order notifications, Order management, Lead management, Uptime Monitoring plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the nouvello_upload_csv_file function in all versions up to, and… | ||
| CVE-2024-1986 | Hig | 0.58 | 8.8 | 0.01 | Mar 7, 2024 | The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wc_add_new_product() function in all versions up to, and including, 7.1.7. This makes it possible for customer-level attackers, and above, to… | ||
| CVE-2023-6846 | Hig | 0.58 | 8.8 | 0.16 | Feb 5, 2024 | The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 8.3.4 via the mk_check_filemanager_php_syntax AJAX function. This makes it possible for authenticated attackers, with subscriber access and above, to execute… | ||
| CVE-2023-4596 | Cri | 0.58 | 9.8 | 0.13 | Aug 30, 2023 | The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated… | ||
| CVE-2018-11392 | Hig | 0.58 | 8.8 | 0.05 | May 29, 2018 | An arbitrary file upload vulnerability in /classes/profile.class.php in Jigowatt "PHP Login & User Management" before 4.1.1, as distributed in the Envato Market, allows any remote authenticated user to upload .php files to the web server via a profile avatar field. This results… | ||
| CVE-2018-10173 | Hig | 0.58 | 8.8 | 0.05 | Apr 20, 2018 | Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because of Arbitrary File Upload functionality. | ||
| CVE-2018-1215 | Hig | 0.58 | 8.8 | 0.04 | Mar 8, 2018 | An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual… | ||
| CVE-2017-15549 | Hig | 0.58 | 8.8 | 0.06 | Jan 5, 2018 | An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary… | ||
| CVE-2017-10940 | Hig | 0.58 | 8.8 | 0.05 | Oct 31, 2017 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to… |
- risk 0.58cvss 8.8epss 0.01
Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{InternalPath} in SAS Studio 9.4 allows remote attacker to upload malicious files. NOTE: this is disputed by the vendor because file upload is allowed for authorized users.
- risk 0.58cvss 8.8epss 0.01
The Blox Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handleUploadFile' function in all versions up to, and including, 1.0.65. This makes it possible for authenticated attackers, with contributor-level and…
- risk 0.58cvss 8.8epss 0.01
The Media.net Ads Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and missing capability check in the 'sendMail' function in all versions up to, and including, 2.10.13. This makes it possible for authenticated attackers,…
- risk 0.58cvss 8.8epss 0.01
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers with contributor access or above to upload arbitrary files on the affected site's…
- risk 0.58cvss 8.8epss 0.01
The Default Thumbnail Plus plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'get_cache_image' function in all versions up to, and including, 1.0.2.3. This makes it possible for authenticated attackers, with contributor-level…
- risk 0.58cvss 8.8epss 0.01
The Auto Featured Image plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'create_post_attachment_from_url' function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with…
- risk 0.58cvss 9.9epss 0.01
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sirv_upload_file_by_chanks AJAX action in all versions up to, and including, 7.2.6. This makes it possible for authenticated…
- risk 0.58cvss 9.8epss 0.01
The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'process' function in the 'startklarDropZoneUploadProcess' class in versions up to, and including, 1.7.13. This makes it possible for…
- risk 0.58cvss 8.8epss 0.02
The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the aiovg_create_attachment_from_external_image_url function in all versions up to, and including, 3.6.4. This makes it possible for authenticated…
- risk 0.58cvss 9.8epss 0.01
The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to…
- risk 0.58cvss 8.5epss 0.54
Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account…
- risk 0.58cvss 8.8epss 0.01
The Management App for WooCommerce – Order notifications, Order management, Lead management, Uptime Monitoring plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the nouvello_upload_csv_file function in all versions up to, and…
- risk 0.58cvss 8.8epss 0.01
The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wc_add_new_product() function in all versions up to, and including, 7.1.7. This makes it possible for customer-level attackers, and above, to…
- risk 0.58cvss 8.8epss 0.16
The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 8.3.4 via the mk_check_filemanager_php_syntax AJAX function. This makes it possible for authenticated attackers, with subscriber access and above, to execute…
- risk 0.58cvss 9.8epss 0.13
The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated…
- risk 0.58cvss 8.8epss 0.05
An arbitrary file upload vulnerability in /classes/profile.class.php in Jigowatt "PHP Login & User Management" before 4.1.1, as distributed in the Envato Market, allows any remote authenticated user to upload .php files to the web server via a profile avatar field. This results…
- risk 0.58cvss 8.8epss 0.05
Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because of Arbitrary File Upload functionality.
- risk 0.58cvss 8.8epss 0.04
An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual…
- risk 0.58cvss 8.8epss 0.06
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary…
- risk 0.58cvss 8.8epss 0.05
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to…