VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

Abstraction: Base | Status: Draft | Likelihood of exploit: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669)

page 39 of 84
  • CVE-2022-32114 | High | Jul 13, 2022
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    An unrestricted file upload vulnerability in the Add New Assets function of Strapi 4.1.12 allows attackers to conduct XSS attacks via a crafted PDF file. NOTE: the project documentation suggests that a user with the Media Library "Create (upload)" permission is supposed to be…

  • CVE-2022-29622 | Critical | May 16, 2022
    risk 0.57 | CVSS 9.8 | EPSS 0.03

    An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. NOTE: some third parties dispute this issue because the product has common use cases in which uploading arbitrary files is the desired behavior. Also,…

  • CVE-2021-34257 | High | Mar 31, 2022
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    Multiple Remote Code Execution (RCE) vulnerabilities exist in WPanel 4 4.3.1 and below via a malicious PHP file upload to (1) Dashboard's Avatar image, (2) Posts Folder image, (3) Pages Folder image and (4) Gallery Folder image.

  • CVE-2021-41745 | Critical | Oct 22, 2021
    risk 0.57 | CVSS 9.8 | EPSS 0.01

    ShowDoc 2.8.3 has a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.

  • CVE-2020-21322 | Critical | Sep 15, 2021
    risk 0.57 | CVSS 9.8 | EPSS 0.02

    An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file.

  • CVE-2021-36440 | Critical | Sep 8, 2021
    risk 0.57 | CVSS 9.8 | EPSS 0.05

    Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php.

  • CVE-2020-9309 | High | Jul 15, 2020
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). When these files are stored as protected or draft files, the MIME detection can cause browsers to execute the…

  • CVE-2020-9471 | High | Mar 16, 2020
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    Umbraco Cloud 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Packages functionality.

  • CVE-2019-19745 | High | Dec 17, 2019
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    Contao 4.0 through 4.8.5 allows PHP local file inclusion. A back end user with access to the form generator can upload arbitrary files and execute them on the server.

  • CVE-2010-3663 | High | Nov 4, 2019
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.

  • CVE-2018-18086 | High | Oct 9, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    EmpireCMS v7.5 has an arbitrary file upload vulnerability in the LoadInMod function in e/class/moddofun.php, exploitable by logged-in users.

  • CVE-2018-17139 | High | Sep 17, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.03

    UltimatePOS 2.5 allows users to upload arbitrary files, which leads to remote command execution by posting to a /products URI with PHP code in a .php file with the image/jpeg content type.

  • CVE-2018-16796 | High | Sep 13, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.03

    HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files with Dangerous Types.

  • CVE-2018-16974 | Critical | Sep 12, 2018
    risk 0.57 | CVSS 9.8 | EPSS 0.04

    An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Code Execution Vulnerability in apps/filemanager/upload/drop.php by using /filemanager/api/rm/.htaccess to remove the .htaccess file, and then using a filename that ends in .php followed by space characters (for…

  • CVE-2018-15882 | Critical | Aug 29, 2018
    risk 0.57 | CVSS 9.8 | EPSS 0.03

    An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter.

  • CVE-2014-10074 | Critical | Aug 27, 2018
    risk 0.57 | CVSS 9.8 | EPSS 0.03

    Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.

  • CVE-2018-1000646 | High | Aug 20, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.03

    LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in writing files with malicious content and may lead to remote code execution.

  • CVE-2018-15573 | High | Aug 20, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata parameter and a pathname in…

  • CVE-2018-12940 | High | Jul 31, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.03

    Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension specified by the "qqfile" parameter. This allows an…

  • CVE-2018-14570 | High | Jul 23, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    A file upload vulnerability in application/shop/controller/member.php in Niushop B2B2C Multi-business basic version V1.11 allows any remote member to upload a .php file to the web server via a profile avatar field, by using an image Content-Type (e.g., image/jpeg) with a…
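A worked example added here by the editor; it is not code from the CWE entry or from any project listed on this page. It places a handler with the weakness described above beside a hardened one, and its checks are keyed to bypass patterns that recur in the entries above: a .php body sent with an image Content-Type (CVE-2018-17139, CVE-2018-14570), a filename ending in ".php" followed by spaces (CVE-2018-16974), an executable extension carried in the upload's filename parameter (CVE-2018-12940), and a browser executing HTML stored under an allowed extension (CVE-2020-9309). The ALLOWED table, the magic-byte prefixes and the sample payloads are constructed for the example and are assumptions, not values from any of those products.

```python
import os
import secrets

# Extension allowlist: the magic bytes a file of that type must start with,
# and the Content-Type the server will use when serving it back.
# The client's Content-Type header is never consulted. (Constructed table.)
ALLOWED = {
    "png":  ((b"\x89PNG\r\n\x1a\n",), "image/png"),
    "jpg":  ((b"\xff\xd8\xff",),      "image/jpeg"),
    "jpeg": ((b"\xff\xd8\xff",),      "image/jpeg"),
    "gif":  ((b"GIF87a", b"GIF89a"),  "image/gif"),
    "pdf":  ((b"%PDF-",),             "application/pdf"),
}

# Constructed sample payloads for the demonstration.
PHP_SHELL = b"<?php system($_GET['c']); ?>"
PNG_BYTES = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32


def naive_store(filename, client_content_type, data):
    """Vulnerable handler (CWE-434): trusts the client's Content-Type and
    keeps the client-supplied name. A .php body posted as image/jpeg is
    stored under the web root with its executable extension intact, the
    pattern described in CVE-2018-17139 and CVE-2018-14570."""
    if not client_content_type.startswith("image/"):
        return None
    return os.path.basename(filename)


def validate_upload(filename, client_content_type, data):
    """Return (None, extension) if acceptable, else (reason, None).
    client_content_type is only here so the signature matches naive_store;
    it is deliberately ignored."""
    # Drop any directory part, then trailing dots and spaces: Windows and
    # some PHP stacks strip those on write, so "shell.php " lands on disk
    # as shell.php (the CVE-2018-16974 trick).
    base = os.path.basename(filename.replace("\\", "/")).rstrip(" .")
    if not base or "\x00" in base:
        return "empty name or NUL byte", None
    # Dot-files such as .htaccess or .user.ini reconfigure the web server.
    if base.startswith("."):
        return "dot-file", None
    # Judge by the LAST extension so "shell.jpg.php" is treated as php, and
    # require it to be on the allowlist (php, phtml, phar, html, txt all fail).
    if "." not in base:
        return "no extension", None
    ext = base.rsplit(".", 1)[1].lower()
    if ext not in ALLOWED:
        return f"extension .{ext} not allowed", None
    # Check the bytes actually uploaded, not the header the client chose.
    magics, _ = ALLOWED[ext]
    if not any(data.startswith(m) for m in magics):
        return f"content does not look like {ext}", None
    return None, ext


def hardened_store(filename, client_content_type, data):
    """Return the server-chosen stored name, or None if rejected. The name is
    random with a single allowlisted extension, so a double extension in the
    original name can never reach an AddHandler-style rule on the server."""
    reason, ext = validate_upload(filename, client_content_type, data)
    if reason is not None:
        return None
    return f"{secrets.token_hex(16)}.{ext}"


def serve_headers(stored_name):
    """Response headers for serving a stored file. The content type comes from
    the allowlist, the file is forced to download, and browsers are told not
    to sniff, which closes the CVE-2020-9309 scenario (HTML inside an allowed
    extension executing in the browser)."""
    ext = stored_name.rsplit(".", 1)[1].lower()
    return {
        "Content-Type": ALLOWED[ext][1],
        "Content-Disposition": f'attachment; filename="{stored_name}"',
        "X-Content-Type-Options": "nosniff",
    }


if __name__ == "__main__":
    print("naive   :", naive_store("shell.php", "image/jpeg", PHP_SHELL))
    print("hardened:", hardened_store("shell.php", "image/jpeg", PHP_SHELL))
    print("hardened:", hardened_store("cat.png", "text/plain", PNG_BYTES))
```

The magic-byte check alone is not a defence against execution: a valid JPEG with PHP appended is still a valid JPEG. What keeps such a polyglot from running is the combination of a server-generated name carrying a single allowlisted extension, storage outside the document root (or in a location the web server is configured never to execute from), and the download-only headers above. Sniffing content and ignoring the client's Content-Type is what stops the image/jpeg trick; normalising trailing dots and spaces and refusing dot-files is what stops the filename tricks.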