Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-434 (危险类型文件的不加限制上传) — Vulnerability Class 2018

2018 vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-22152 WordPress Product Import Export for WooCommerce Plugin <= 2.3.7 is vulnerable to Arbitrary File Upload — Product Import Export for WooCommerce 8.0 High2024-01-24
CVE-2024-0783 Project Worlds Online Admission System documents.php unrestricted upload — Online Admission System 6.3 Medium2024-01-22
CVE-2023-40051 Progress Application Server (PAS) for OpenEdge File Upload via Directory Traversal — OpenEdge 9.1 Critical2024-01-18
CVE-2024-0648 Yunyou CMS Common.php unrestricted upload — CMS 7.3 High2024-01-17
CVE-2024-20272 Cisco Unity Connection 安全漏洞 — Cisco Unity Connection 7.3 High2024-01-17
CVE-2024-0643 Unrestricted upload of dangerous file types in C21 Live Encoder and Live Mosaic — C21 Live Encoder and Live Mosaic 10.0 Critical2024-01-17
CVE-2023-50729 An unrestricted file upload vulnerability in traccar leads to RCE — traccar 8.5 High2024-01-15
CVE-2024-0505 ZhongFuCheng3y Austin Upload Material Menu MaterialController.java getFile unrestricted upload — Austin 5.5 Medium2024-01-13
CVE-2024-0468 code-projects Fighting Cock Information System new-father.php unrestricted upload — Fighting Cock Information System 6.3 Medium2024-01-12
CVE-2023-6316 MW WP Form <= 5.0.1 - Unauthenticated Arbitrary File Upload — MW WP Form 9.8 Critical2024-01-11
CVE-2023-6220 Piotnet Forms <= 1.0.28 - Unauthenticated Arbitrary File Upload — Piotnet Forms 8.1 High2024-01-11
CVE-2023-6636 Greenshift – animation and page builder blocks <= 7.6.2 - Authenticated (Administrator+) Arbitrary File Upload — Greenshift – animation and page builder blocks 7.2 High2024-01-11
CVE-2023-6558 Export and Import Users and Customers <= 2.4.8 - Authenticated (Shop Manager+) Arbitrary File Upload — Export and Import Users and Customers 7.2 High2024-01-11
CVE-2023-6979 Customer Reviews for WooCommerce <= 5.38.9 - Authenticated (Author+) Arbitrary File Upload — Customer Reviews for WooCommerce 8.8 High2024-01-11
CVE-2023-49715 WWBN AVideo 代码问题漏洞 — AVideo 4.3 Medium2024-01-10
CVE-2024-0352 Likeshop HTTP POST Request File.php userFormImage unrestricted upload — Likeshop 7.3 High2024-01-09
CVE-2024-0300 Byzoro Smart S150 Management Platform HTTP POST Request userattestation.php unrestricted upload — Smart S150 Management Platform 6.3 Medium2024-01-08
CVE-2023-7212 DeDeCMS Backend file_class.php unrestricted upload — DeDeCMS 4.7 Medium2024-01-07
CVE-2022-46839 WordPress JS Help Desk – Best Help Desk & Support Plugin Plugin <= 2.7.1 is vulnerable to Arbitrary File Upload — JS Help Desk – Best Help Desk & Support Plugin 10.0 Critical2024-01-05
CVE-2023-6551 Stored XSS in class.upload.php — class.upload.php 6.1AIMediumAI2024-01-04
CVE-2023-50760 Online Notice Board System v1.0 - Insecure File Upload — Online Notice Board System 8.8 High2024-01-04
CVE-2024-0194 CodeAstro Internet Banking System Profile Picture pages_account.php unrestricted upload — Internet Banking System 6.3 Medium2024-01-02
CVE-2024-0192 RRJ Nueva Ecija Engineer Online Portal Add Downloadable downloadable.php unrestricted upload — Nueva Ecija Engineer Online Portal 6.3 Medium2024-01-02
CVE-2024-0185 RRJ Nueva Ecija Engineer Online Portal Avatar dasboard_teacher.php unrestricted upload — Nueva Ecija Engineer Online Portal 4.7 Medium2024-01-02
CVE-2023-7181 Muyun DedeBIZ Add Attachment unrestricted upload — DedeBIZ 4.7 Medium2023-12-30
CVE-2023-51410 WordPress WP Mail Log Plugin <= 1.1.2 is vulnerable to Arbitrary File Upload — WP Mail Log 9.9 Critical2023-12-29
CVE-2023-51411 WordPress Frontend Admin by DynamiApps Plugin <= 3.18.3 is vulnerable to Arbitrary File Upload — Frontend Admin by DynamiApps 10.0 Critical2023-12-29
CVE-2023-51412 WordPress Piotnet Forms Plugin <= 1.0.25 is vulnerable to Arbitrary File Upload — Piotnet Forms 9.0 Critical2023-12-29
CVE-2023-51417 WordPress JVM rich text icons Plugin <= 1.2.3 is vulnerable to Arbitrary File Upload — JVM Gutenberg Rich Text Icons 9.9 Critical2023-12-29
CVE-2023-51419 WordPress BERTHA AI Plugin <= 1.11.10.7 is vulnerable to Arbitrary File Upload — BERTHA AI. Your AI co-pilot for WordPress and Chrome 10.0 Critical2023-12-29

Vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传) represent 2018 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.