CWE-434
Unrestricted Upload of File with Dangerous Type
Description
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-1
CVEs mapped to this weakness (1,669)
page 75 of 84

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-37273 | — | | 0.00 | — | 0.01 | | Jun 4, 2024 | An arbitrary file upload vulnerability in the /v1/app/appendFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted file. |
| CVE-2024-36858 | — | | 0.00 | — | 0.03 | | Jun 4, 2024 | An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted file. |
| CVE-2023-50717 | | | 0.00 | — | 0.01 | | May 13, 2024 | NocoDB is software for building databases as spreadsheets. Starting in version 0.202.6 and prior to version 0.202.10, an attacker can upload a html file with malicious content. If user tries to open that file in browser malicious scripts can be executed leading stored cross-site… |
| CVE-2024-4825 | | | 0.00 | — | 0.01 | | May 13, 2024 | A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure. |
| CVE-2024-32880 | | | 0.00 | — | 0.01 | | Apr 26, 2024 | pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution. There is no fix available at the time of publication. |
| CVE-2024-29891 | | | 0.00 | — | 0.01 | | Mar 27, 2024 | ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it is an image to gain access to the victim's account in certain scenarios. A possible victim would need to directly open the… |
| CVE-2024-28105 | | | 0.00 | — | 0.01 | | Mar 25, 2024 | phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The category image upload function in phpmyfaq is vulnerable to manipulation of the `Content-type` and `lang` parameters, allowing attackers to upload malicious files with a… |
| CVE-2024-29272 | — | | 0.00 | — | 0.09 | | Mar 22, 2024 | Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php. |
| CVE-2023-51444 | | | 0.00 | — | 0.02 | | Mar 20, 2024 | GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file upload vulnerability exists in versions prior to 2.23.4 and 2.24.1 that enables an authenticated administrator with permissions to modify coverage… |
| CVE-2024-27923 | | | 0.00 | — | 0.01 | | Mar 6, 2024 | Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the `frontmatter` feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code execution. Version 1.7.43 fixes this issue. |
| CVE-2023-25365 | — | | 0.00 | — | 0.00 | | Feb 8, 2024 | Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3 |
| CVE-2024-22567 | — | | 0.00 | — | 0.18 | | Feb 5, 2024 | File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arbitrary files via crafted POST request to /ms/file/upload.do. |
| CVE-2023-6551 | | | 0.00 | — | 0.00 | | Jan 4, 2024 | As a simple library, class.upload.php does not perform an in-depth check on uploaded files, allowing a stored XSS vulnerability when the default configuration is used. Developers must be aware of that fact and use extension whitelisting accompanied by forcing the server to… |
| CVE-2023-7036 | | | 0.00 | — | 0.01 | | Dec 21, 2023 | A vulnerability was found in automad up to 1.10.9. It has been classified as problematic. This affects the function upload of the file FileCollectionController.php of the component Content Type Handler. The manipulation leads to unrestricted upload. It is possible to initiate… |
| CVE-2023-6976 | | | 0.00 | — | 0.01 | | Dec 20, 2023 | This vulnerability is capable of writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process. |
| CVE-2023-48966 | — | | 0.00 | — | 0.01 | | Dec 4, 2023 | An arbitrary file upload vulnerability in the component /admin/api.upload/file of ThinkAdmin v6.1.53 allows attackers to execute arbitrary code via a crafted Zip file. |
| CVE-2023-48217 | | | 0.00 | — | 0.01 | | Nov 14, 2023 | Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and… |
| CVE-2023-47621 | — | | 0.00 | — | 0.01 | | Nov 13, 2023 | Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This… |
| CVE-2023-47129 | | | 0.00 | — | 0.01 | | Nov 10, 2023 | Statamic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just _any_… |
| CVE-2023-44763 | — | | 0.00 | — | 0.01 | | Oct 10, 2023 | Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file upload, which allows Cross-Site Scripting (XSS). NOTE: the vendor's position is that a customer is supposed to know that "pdf" should be excluded from the allowed file types, even… |