CWE-434 (Unrestricted Upload of File with Dangerous Type) — Vulnerability Class 2018

2018 vulnerabilities classified as CWE-434 (Unrestricted Upload of File with Dangerous Type). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-47655 | Unrestricted File Upload Vulnerability — Client Dashboard | 8.8 | - | 2024-10-04 |
| CVE-2024-7855 | WP Hotel Booking <= 2.1.2 - Authenticated (Subscriber+) Arbitrary File Upload — WP Hotel Booking | 8.8 | High | 2024-10-02 |
| CVE-2024-45965 | Contao security vulnerability — Contao | 6.4 | Medium | 2024-10-02 |
| CVE-2024-9108 | Wechat Social login <= 1.3.0 - Unauthenticated Arbitrary File Upload — Wechat Social login 微信QQ钉钉登录插件 | 9.8 | Critical | 2024-10-01 |
| CVE-2024-9280 | kalvinGit kvf-admin FileUploadKit.java fileUpload unrestricted upload — kvf-admin | 4.7 | Medium | 2024-09-27 |
| CVE-2024-9278 | HuankeMao SCRM Administrator Backend WxkConfig.php upload_domain_verification_file unrestricted upload — SCRM | 4.7 | Medium | 2024-09-27 |
| CVE-2024-8725 | Advanced File Manager <= 5.2.8 - Authenticated (Subscriber+) Limited File Upload — Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution | 6.8 | Medium | 2024-09-26 |
| CVE-2024-8126 | Advanced File Manager <= 5.2.8 - Authenticated (Subscriber+) Arbitrary File Upload — Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution | 7.5 | High | 2024-09-26 |
| CVE-2024-7772 | Jupiter X Core <= 4.6.5 - Unauthenticated Arbitrary File Upload — Jupiter X Core | 9.8 | Critical | 2024-09-26 |
| CVE-2024-8940 | Unrestricted Upload of File with Dangerous Type vulnerability on Scriptcase — Scriptcase | 10.0 | Critical | 2024-09-24 |
| CVE-2024-9038 | Codezips Online Shopping Portal insert-product.php unrestricted upload — Online Shopping Portal | 4.3 | Medium | 2024-09-20 |
| CVE-2024-9036 | itsourcecode Online Bookstore admin_add.php unrestricted upload — Online Bookstore | 6.3 | Medium | 2024-09-20 |
| CVE-2024-45398 | Remote command execution through file upload in contao/core-bundle — contao | 8.3 | High | 2024-09-17 |
| CVE-2024-8242 | MStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.3 - Authenticated (Subscriber+) Limited Arbitrary File Upload — MStore API – Create Native Android & iOS Apps On The Cloud | 4.3 | Medium | 2024-09-13 |
| CVE-2024-27115 | Remote Code Execution through File Upload in SOPlanning before 1.52.02 — SO Planning | 9.8 (AI) | Critical (AI) | 2024-09-11 |
| CVE-2024-8232 | iniNet Solutions SpiderControl SCADA Web Server Unrestricted Upload of File with Dangerous Type — SpiderControl SCADA Web Server | 7.5 | High | 2024-09-10 |
| CVE-2024-7770 | Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.5 - Authenticated (Subscriber+) Arbitrary File Upload — File Manager | 8.8 | High | 2024-09-10 |
| CVE-2024-7620 | Customizer Export/Import <= 0.9.7 - Authenticated (Admin+) Arbitrary File Upload via Customization Settings Import — Customizer Export/Import | 6.6 | Medium | 2024-09-07 |
| CVE-2024-8463 | File upload restriction bypass vulnerability in Job Portal — Job Portal | 9.9 | Critical | 2024-09-05 |
| CVE-2024-45076 | IBM webMethods Integration code execution — webMethods Integration | 9.9 | Critical | 2024-09-04 |
| CVE-2024-8342 | SourceCodester Petshop Management System add_client.php unrestricted upload — Petshop Management System | 6.3 | Medium | 2024-08-30 |
| CVE-2024-8341 | SourceCodester Petshop Management System add_user.php unrestricted upload — Petshop Management System | 6.3 | Medium | 2024-08-30 |
| CVE-2024-8338 | HFO4 shudong-share File Extension fileReceive.php unrestricted upload — shudong-share | 6.3 | Medium | 2024-08-30 |
| CVE-2024-8330 | Gether Technology 6SHR System - Unrestricted File Upload — 6SHR System | 8.8 | High | 2024-08-30 |
| CVE-2024-8296 | FeehiCMS index.php insert unrestricted upload — FeehiCMS | 6.3 | Medium | 2024-08-29 |
| CVE-2024-8295 | FeehiCMS index.php createBanner unrestricted upload — FeehiCMS | 6.3 | Medium | 2024-08-29 |
| CVE-2024-8294 | FeehiCMS index.php update unrestricted upload — FeehiCMS | 6.3 | Medium | 2024-08-29 |
| CVE-2024-6311 | Funnelforms Free <= 3.7.3.2 - Authenticated (Administrator+) Arbitrary File Upload — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | 7.2 | High | 2024-08-28 |
| CVE-2024-8170 | SourceCodester Zipped Folder Manager App add-folder.php unrestricted upload — Zipped Folder Manager App | 3.5 | Low | 2024-08-26 |
| CVE-2024-8166 | Ruijie EG2000K index.php unrestricted upload — EG2000K | 4.7 | Medium | 2024-08-26 |

2018 CVEs are classified as CWE-434 (Unrestricted Upload of File with Dangerous Type). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.