VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

BaseDraftLikelihood: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669)

page 81 of 84
  • CVE-2021-39154Aug 23, 2021
    risk 0.00cvss epss 0.05

    XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed…

  • CVE-2020-18704Aug 16, 2021
    risk 0.00cvss epss 0.03

    Unrestricted Upload of File with Dangerous Type in Django-Widgy v0.8.4 allows remote attackers to execute arbitrary code via the 'image' widget in the component 'Change Widgy Page'.

  • CVE-2021-38305Aug 9, 2021
    risk 0.00cvss epss 0.02

    23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. The schema parser uses eval as part of its processing, and tries to protect from malicious expressions by limiting the builtins that are passed to the eval. When processing…

  • CVE-2020-28088Aug 6, 2021
    risk 0.00cvss epss 0.02

    An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code.

  • CVE-2021-28931Jul 7, 2021
    risk 0.00cvss epss 0.01

    Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel.

  • CVE-2021-34551Jun 16, 2021
    risk 0.00cvss epss 0.03

    PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname.

  • CVE-2021-23394Jun 13, 2021
    risk 0.00cvss epss 0.19

    The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.

  • CVE-2021-32661Jun 3, 2021
    risk 0.00cvss epss 0.01

    Backstage is an open platform for building developer portals. In versions of Backstage's Techdocs Plugin (`@backstage/plugin-techdocs`) prior to 0.9.5, a malicious internal actor can potentially upload documentation content with malicious scripts by embedding the script within…

  • CVE-2021-32660Jun 3, 2021
    risk 0.00cvss epss 0.01

    Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. In versions of `@backstage/tehdocs-common` prior to 0.6.4, a malicious internal actor is able to upload documentation content with…

  • CVE-2021-32622May 17, 2021
    risk 0.00cvss epss 0.00

    Matrix-React-SDK is a react-based SDK for inserting a Matrix chat/voip client into a web page. Before version 3.21.0, when uploading a file, the local file preview can lead to execution of scripts embedded in the uploaded file. This can only occur after several user interactions…

  • CVE-2021-31542May 5, 2021
    risk 0.00cvss epss 0.05

    In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.

  • CVE-2021-21355Mar 23, 2021
    risk 0.00cvss epss 0.02

    TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1, due to the lack of ensuring file extensions belong to configured allowed mime-types, attackers can upload arbitrary data with arbitrary file extensions -…

  • CVE-2021-21357Mar 23, 2021
    risk 0.00cvss epss 0.02

    TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1 due to improper input validation, attackers can by-pass restrictions of predefined options and submit arbitrary data in the Form Designer backend module of…

  • CVE-2021-21346Mar 22, 2021
    risk 0.00cvss epss 0.76

    XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is…

  • CVE-2021-21347Mar 22, 2021
    risk 0.00cvss epss 0.14

    XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is…

  • CVE-2021-27817Mar 15, 2021
    risk 0.00cvss epss 0.03

    A remote command execution vulnerability in shopxo 1.9.3 allows an attacker to upload malicious code generated by phar where the suffix is JPG, which is uploaded after modifying the phar suffix.

  • CVE-2021-21014Feb 11, 2021
    risk 0.00cvss epss 0.04

    Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for…

  • CVE-2020-22643Jan 21, 2021
    risk 0.00cvss epss 0.02

    Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files.

  • CVE-2020-26255Dec 8, 2020
    risk 0.00cvss epss 0.01

    Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.4.5, and Kirby Panel before version 2.5.14 , an editor with full access to the Kirby Panel can upload a PHP .phar file and execute it on the server. This vulnerability is critical if you might have potential attackers…

  • CVE-2020-24407Nov 9, 2020
    risk 0.00cvss epss 0.06

    Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import…