VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

Abstraction: Base | Status: Draft | Likelihood: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669)

page 40 of 84
  • CVE-2018-1000619 | High | Jul 9, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution. This attack appear to be exploitable via The attacker must have permission to upload addons.

  • CVE-2018-12263 | High | Jun 13, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI.

  • CVE-2018-1453 | High | Jun 8, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous types that can be automatically processed within the environment. IBM X-Force ID: 140055.

  • CVE-2018-11514 | High | May 28, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in edit_resume_det.php, as demonstrated by changing .docx to .php.

  • CVE-2018-11345 | High | May 22, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    An unrestricted file upload vulnerability in upload.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data via the POST parameter filename. This can be used to place attacker controlled code on the file system that can then be executed. Further, the…

  • CVE-2018-10760 | High | May 16, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    Unrestricted file upload vulnerability in the Files plugin in ProjectPier 0.88 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the tmp directory…

  • CVE-2018-0568 | High | May 14, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors.

  • CVE-2018-10795 | High | May 7, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or html/js/editor/fckeditor/editor/filemana…

  • CVE-2018-9037 | High | Apr 10, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.03

    Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files.

  • CVE-2017-16772 | High | Mar 22, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.03

    Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes via the prog_id parameter.

  • CVE-2017-16251 | High | Mar 13, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and earlier, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. Successful exploit could allow an attacker to execute arbitrary code within…

  • CVE-2016-7443 | Critical | Mar 7, 2018
    risk 0.57 | CVSS 9.8 | EPSS 0.02

    Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."

  • CVE-2017-7429 | High | Mar 2, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.

  • CVE-2018-7217 | High | Feb 18, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to compromise the application, as demonstrated by…

  • CVE-2016-8515 | High | Feb 15, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    A remote malicious file upload vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.

  • CVE-2017-1499 | High | Feb 14, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    IBM Maximo Asset Management 7.5 and 7.6 could allow a remote attacker to include arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable Web server. IBM X-Force ID: 129106.

  • CVE-2018-6860 | High | Feb 12, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.03

    Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.

  • CVE-2018-3814 | High | Jan 1, 2018
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension.

  • CVE-2017-17727 | High | Dec 18, 2017
    risk 0.57 | CVSS 8.8 | EPSS 0.01

    DedeCMS through 5.6 allows arbitrary file upload and PHP code execution by embedding the PHP code in a .jpg file, which is used in the templet parameter to member/article_edit.php.

  • CVE-2017-16941 | High | Nov 25, 2017
    risk 0.57 | CVSS 8.8 | EPSS 0.02

    October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/themes, and then uploading and importing a modified archive with two new files: a…