VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

Abstraction: Base | Status: Draft | Likelihood of exploit: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669)

page 55 of 84
  • CVE-2023-3375 | High | Sep 5, 2023
    risk 0.47 | cvss 7.2 | epss 0.01

    Unrestricted Upload of File with Dangerous Type vulnerability in Unisign Bookreen allows OS Command Injection. This issue affects Bookreen: before 3.0.0.

  • CVE-2023-24249 | High | Feb 27, 2023
    risk 0.47 | cvss 7.2 | epss 0.02

    An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file.

  • CVE-2022-42092 | High | Oct 7, 2022
    risk 0.47 | cvss 7.2 | epss 0.01

    Backdrop CMS 1.22.0 has an Unrestricted File Upload vulnerability via 'themes' that allows attackers to achieve Remote Code Execution. Note: Third parties dispute this and argue that advanced permissions are required.

  • CVE-2021-41938 | High | May 19, 2022
    risk 0.47 | cvss 7.2 | epss 0.01

    An issue was discovered in ShopXO CMS 2.2.0. After entering the management page, there is an arbitrary file upload vulnerability in three locations.

  • CVE-2021-44255 | High | Jan 31, 2022
    risk 0.47 | cvss 7.2 | epss 0.03

    Authenticated remote code execution in MotionEye <= 0.42.1 and MotionEyeOS <= 20200606 allows a remote attacker to upload a configuration backup file containing a malicious Python pickle file, which will execute arbitrary code on the server.

  • CVE-2021-40324 | High | Oct 4, 2021
    risk 0.47 | cvss 7.5 | epss 0.69

    Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.

  • CVE-2021-23394 | High | Jun 13, 2021
    risk 0.47 | cvss 8.1 | epss 0.19

    The package studio-42/elfinder before 2.1.58 is vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.

  • CVE-2020-22643 | High | Jan 26, 2021
    risk 0.47 | cvss 7.2 | epss 0.02

    Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files.

  • CVE-2019-16530 | High | Oct 21, 2019
    risk 0.47 | cvss 7.2 | epss 0.03

    Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, have a remote code execution vulnerability.

  • CVE-2018-18942 | High | Nov 5, 2018
    risk 0.47 | cvss 7.2 | epss 0.02

    In baserCMS before 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote attackers to execute arbitrary PHP code via the admin/theme_configs/form data[ThemeConfig][logo] parameter.

  • CVE-2018-14911 | High | Aug 3, 2018
    risk 0.47 | cvss 7.2 | epss 0.01

    A file upload vulnerability exists in ukcms v1.1.7 and earlier. The vulnerability is due to the system not strictly filtering the file upload type. An attacker can exploit the vulnerability to upload a script Trojan to admin.php/admin/configset/index/group/upload.html to gain…

  • CVE-2018-11638 | High | Jul 3, 2018
    risk 0.47 | cvss 7.2 | epss 0.04

    Unrestricted Upload of a File with a Dangerous Type in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to upload malicious code to the web root to gain code execution.

  • CVE-2018-13024 | High | Jun 29, 2018
    risk 0.47 | cvss 7.2 | epss 0.01

    Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action.

  • CVE-2018-13021 | High | Jun 29, 2018
    risk 0.47 | cvss 7.2 | epss 0.02

    An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI.

  • CVE-2018-1265 | High | Jun 6, 2018
    risk 0.47 | cvss 7.2 | epss 0.02

    Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip file headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps…

  • CVE-2018-11340 | High | May 22, 2018
    risk 0.47 | cvss 7.2 | epss 0.02

    An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data to a specified filename. This can be used to place attacker controlled code on the file system that is then executed.

  • CVE-2018-11098 | High | May 15, 2018
    risk 0.47 | cvss 7.2 | epss 0.01

    An issue was discovered in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/file_manager/upload URI, a similar issue to CVE-2014-4912.

  • CVE-2018-9153 | High | Apr 16, 2018
    risk 0.47 | cvss 7.2 | epss 0.01

    The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the app_id parameter to zb_users/plugin/AppCentre/plugin_edit.php because of an unanchored regular expression, a different vulnerability than CVE-2018-8893. The component…

  • CVE-2018-7567 | High | Mar 4, 2018
    risk 0.47 | cvss 7.2 | epss 0.05

    In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a…

  • CVE-2017-9970 | High | Feb 12, 2018
    risk 0.47 | cvss 7.2 | epss 0.05

    A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded to any directory on the host machine information which could lead to…