VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

Abstraction: Base | Status: Draft | Likelihood: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669)

page 4 of 84
  • CVE-2018-5997 (Critical, Jan 25, 2018)
    risk 0.69, CVSS 9.8, EPSS 0.24

    An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to remote code execution as root.

  • CVE-2017-12617 (High, KEV, Oct 4, 2017)
    risk 0.69, CVSS 8.1, EPSS 1.00

    When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via…

  • CVE-2017-1002000 (Critical, Sep 14, 2017)
    risk 0.69, CVSS 9.8, EPSS 0.27

    Vulnerability in WordPress plugin mobile-friendly-app-builder-by-easytouch v3.0. The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.

  • CVE-2026-0740 (Critical, Apr 7, 2026)
    risk 0.68, CVSS 9.8, EPSS 0.54

    The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'NF_FU_AJAX_Controllers_Uploads::handle_upload' function in all versions up to, and including, 3.3.26. This makes it possible for…

  • CVE-2013-10067 (Critical, Aug 5, 2025)
    risk 0.68, CVSS n/a, EPSS 0.01

    Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbitrary file upload vulnerability. When deployed as a standalone application, the administrative interface (gw_admin.php) allows users with administrator privileges to upload files to the gw_temp/a/ directory.…

  • CVE-2013-10034 (Critical, Jul 31, 2025)
    risk 0.68, CVSS n/a, EPSS 0.02

    An unrestricted file upload vulnerability exists in Kaseya KServer versions prior to 6.3.0.2. The uploadImage.asp endpoint allows unauthenticated users to upload files to arbitrary paths via a crafted filename parameter in a multipart/form-data POST request. Due to the lack of…

  • CVE-2025-47577 (Critical, May 19, 2025)
    risk 0.68, CVSS 10.0, EPSS 0.05

    Unrestricted Upload of File with Dangerous Type vulnerability in templateinvaders TI WooCommerce Wishlist ti-woocommerce-wishlist allows Upload a Web Shell to a Web Server. This issue affects TI WooCommerce Wishlist: from n/a through <= 2.9.2.

  • CVE-2024-52429 (Critical, Nov 18, 2024)
    risk 0.68, CVSS 9.9, EPSS 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in AntonHoelstad WP Quick Setup wp-quick-setup allows Upload a Web Shell to a Web Server. This issue affects WP Quick Setup: from n/a through <= 2.0.

  • CVE-2024-50510 (Critical, Oct 30, 2024)
    risk 0.68, CVSS 10.0, EPSS 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in webandprint AR For Woocommerce ar-for-woocommerce allows Upload a Web Shell to a Web Server. This issue affects AR For Woocommerce: from n/a through <= 6.3.

  • CVE-2015-9263 (Critical, Aug 27, 2018)
    risk 0.68, CVSS 9.8, EPSS 0.12

    An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13). It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands.

  • CVE-2018-15137 (Critical, Aug 8, 2018)
    risk 0.68, CVSS 9.8, EPSS 0.18

    CeLa Link CLR-M20 devices allow unauthorized users to upload any file (e.g., asp, aspx, cfm, html, jhtml, jsp, or shtml), which causes remote code execution as well. Because of the WebDAV feature, it is possible to upload arbitrary files by utilizing the PUT method.

  • CVE-2018-13981 (Critical, Jul 16, 2018)
    risk 0.68, CVSS 9.8, EPSS 0.17

    The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files.…

  • CVE-2018-0258 (Critical, May 2, 2018)
    risk 0.68, CVSS 9.8, EPSS 0.50

    A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affects the following…

  • CVE-2018-7665 (Critical, Mar 5, 2018)
    risk 0.68, CVSS 9.8, EPSS 0.16

    An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.

  • CVE-2017-17976 (Critical, Jan 26, 2018)
    risk 0.68, CVSS 9.8, EPSS 0.13

    In Utilities.php in Perfex CRM 1.9.7, unrestricted file upload can lead to remote code execution.

  • CVE-2018-5724 (Critical, Jan 16, 2018)
    risk 0.68, CVSS 9.8, EPSS 0.12

    MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi.

  • CVE-2017-16949 (Critical, Dec 19, 2017)
    risk 0.68, CVSS 9.8, EPSS 0.19

    An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file extensions and upload file size, related to inc/cores/file-uploader.php and…

  • CVE-2017-15580 (Critical, Oct 23, 2017)
    risk 0.68, CVSS 9.8, EPSS 0.16

    osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a .html extension changed to a…

  • CVE-2015-2780 (Critical, Oct 16, 2017)
    risk 0.68, CVSS 9.8, EPSS 0.15

    Unrestricted file upload vulnerability in Berta CMS allows remote attackers to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.

  • CVE-2017-6090 (High, Oct 3, 2017)
    risk 0.68, CVSS 8.8, EPSS 0.96

    Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/.