Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-434 (危险类型文件的不加限制上传) — Vulnerability Class 2018

2018 vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-50495 WordPress Plugin Propagator plugin <= 0.1 - Arbitrary File Upload vulnerability — Plugin Propagator 10.0 Critical2024-10-28
CVE-2024-50496 WordPress AR For WordPress plugin <= 6.6 - Arbitrary File Upload vulnerability — AR For WordPress 10.0 Critical2024-10-28
CVE-2024-10420 SourceCodester Attendance and Payroll System update.php upload unrestricted upload — Attendance and Payroll System 6.3 Medium2024-10-27
CVE-2024-10413 SourceCodester Online Hotel Reservation System update.php upload unrestricted upload — Online Hotel Reservation System 6.3 Medium2024-10-27
CVE-2024-10410 SourceCodester Online Hotel Reservation System controller.php upload unrestricted upload — Online Hotel Reservation System 6.3 Medium2024-10-27
CVE-2024-50623 Cleo多款产品 安全漏洞 — n/a 8.2 -2024-10-27
CVE-2024-9932 Wux Blog Editor <= 3.0.0 - Unauthenticated Arbitrary File Upload — Wux Blog Editor 9.8 Critical2024-10-26
CVE-2024-10293 ZZCMS functions.php Ebak_SetGotoPak unrestricted upload — ZZCMS 6.3 Medium2024-10-23
CVE-2024-49652 WordPress 3D Work In Progress plugin <= 1.0.3 - Arbitrary File Upload vulnerability — 3D Work In Progress 9.9 Critical2024-10-23
CVE-2024-49653 WordPress Portfolleo plugin <= 1.2 - Arbitrary File Upload vulnerability — Portfolleo 9.9 Critical2024-10-23
CVE-2024-49658 WordPress Woocommerce Custom Profile Picture plugin <= 1.0 - Arbitrary File Upload vulnerability — Woocommerce Custom Profile Picture 9.9 Critical2024-10-23
CVE-2024-49668 WordPress Verbalize WP plugin <= 1.0 - Arbitrary File Upload vulnerability — Verbalize WP 10.0 Critical2024-10-23
CVE-2024-49669 WordPress INK Official plugin <= 4.1.2 - Arbitrary File Upload vulnerability — INK Official 9.9 Critical2024-10-23
CVE-2024-49671 WordPress AI Postpix plugin <= 1.1.8 - Arbitrary File Upload vulnerability — AI Image Generator for Your Content & Featured Images – AI Postpix 8.8AIHighAI2024-10-23
CVE-2024-49676 WordPress Custom Icons for Elementor plugin <= 0.3.3 - Arbitrary File Upload vulnerability — Custom Icons for Elementor 6.6 Medium2024-10-23
CVE-2024-10292 ZZCMS ChangeTable.php unrestricted upload — ZZCMS 6.3 Medium2024-10-23
CVE-2024-10201 Wellchoose Administrative Management System - Arbitrary File Upload — Administrative Management System 8.8 High2024-10-21
CVE-2024-49324 WordPress Sovratec Case Management plugin <= 1.0.0 - Arbitrary File Upload vulnerability — Sovratec Case Management 10.0 Critical2024-10-20
CVE-2024-49326 WordPress Affiliator plugin <= 2.1.3 - Arbitrary File Upload vulnerability — Affiliator 10.0 Critical2024-10-20
CVE-2024-49327 WordPress Woostagram Connect plugin <= 1.0.2 - Arbitrary File Upload vulnerability — Woostagram Connect 10.0 Critical2024-10-20
CVE-2024-49329 WordPress WP REST API FNS plugin <= 1.0.0 - Arbitrary File Upload vulnerability — WP REST API FNS 10.0 Critical2024-10-20
CVE-2024-49330 WordPress Nice Backgrounds plugin <= 1.0 - Arbitrary File Upload vulnerability — Nice Backgrounds 10.0 Critical2024-10-20
CVE-2024-49331 WordPress Property Lot Management System plugin <= 4.2.38 - Arbitrary File Upload vulnerability — Property Lot Management System 9.9 Critical2024-10-20
CVE-2024-49607 WordPress WP Dropbox Dropins plugin <= 1.0 - Arbitrary File Upload vulnerability — WP Dropbox Dropins 10.0 Critical2024-10-20
CVE-2024-49610 WordPress photokit plugin <= 1.0 - Arbitrary File Upload vulnerability — photokit 10.0 Critical2024-10-20
CVE-2024-49611 WordPress Product Website Showcase plugin <= 1.0 - Arbitrary File Upload vulnerability — Product Website Showcase 10.0 Critical2024-10-20
CVE-2024-10161 PHPGurukul Boat Booking System Update Boat Image Page change-image.php unrestricted upload — Boat Booking System 6.3 Medium2024-10-20
CVE-2024-10120 wfh45678 Radar upload unrestricted upload — Radar 7.3 High2024-10-18
CVE-2024-49291 WordPress Cooked Pro plugin < 1.8.0 - Unauthenticated Arbitrary File Upload vulnerability — Cooked Pro 10.0 Critical2024-10-17
CVE-2024-49314 WordPress JiangQie Free Mini Program plugin <= 2.5.2 - Arbitrary File Upload vulnerability — JiangQie Free Mini Program 8.8AIHighAI2024-10-17

Vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传) represent 2018 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.