CWE-434 (Unrestricted Upload of File with Dangerous Type) — Vulnerability Class 2018

2018 vulnerabilities classified as CWE-434 (Unrestricted Upload of File with Dangerous Type). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2023-5491 | Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform updatelib.php unrestricted upload — Smart S45F Multi-Service Secure Gateway Intelligent Management Platform | 6.3 | Medium | 2023-10-10 |
| CVE-2023-5490 | Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform userattestation.php unrestricted upload — Smart S45F Multi-Service Secure Gateway Intelligent Management Platform | 6.3 | Medium | 2023-10-10 |
| CVE-2023-5489 | Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform uploadfile.php unrestricted upload — Smart S45F Multi-Service Secure Gateway Intelligent Management Platform | 6.3 | Medium | 2023-10-10 |
| CVE-2023-5488 | Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform updatelib.php unrestricted upload — Smart S45F Multi-Service Secure Gateway Intelligent Management Platform | 6.3 | Medium | 2023-10-10 |
| CVE-2023-4817 | Unrestricted file upload vulnerability in ICP DAS ET-7060 — ET-7060 | 7.2 | High | 2023-10-03 |
| CVE-2022-47893 | NetMan 204 Remote Code Execution — Netman-204 | 10.0 | Critical | 2023-10-03 |
| CVE-2023-4097 | Multiple vulnerabilities in IDM Sistemas QSige — QSige | 8.8 | High | 2023-10-03 |
| CVE-2023-5227 | Unrestricted Upload of File with Dangerous Type in thorsten/phpmyfaq — thorsten/phpmyfaq | 8.8 | - | 2023-09-30 |
| CVE-2023-5284 | SourceCodester Engineers Online Portal upload_save_student.php unrestricted upload — Engineers Online Portal | 6.3 | Medium | 2023-09-29 |
| CVE-2023-5277 | SourceCodester Engineers Online Portal student_avatar.php unrestricted upload — Engineers Online Portal | 6.3 | Medium | 2023-09-29 |
| CVE-2023-5262 | OpenRapid RapidCMS uploadicon.php isImg unrestricted upload — RapidCMS | 6.3 | Medium | 2023-09-29 |
| CVE-2023-5185 | Gym Management System Project v1.0 - Insecure File Upload — Gym Management System Project | 9.1 | Critical | 2023-09-28 |
| CVE-2023-43740 | Online Book Store Project v1.0 - Insecure File Upload — Online Book Store Project | 8.8 | High | 2023-09-28 |
| CVE-2022-47186 | Unrestricted Upload of File vulnerability in Generex CS141 — UPS CS141 | 7.5 | High | 2023-09-28 |
| CVE-2023-39377 | SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified method — SiberianCMS | 7.2 | High | 2023-09-26 |
| CVE-2023-5154 | D-Link DAR-8000 changelogo.php unrestricted upload — DAR-8000 | 6.3 | Medium | 2023-09-25 |
| CVE-2023-5150 | D-Link DAR-7000/DAR-8000 web.php unrestricted upload — DAR-7000 | 6.3 | Medium | 2023-09-25 |
| CVE-2023-5149 | D-Link DAR-7000 userattestation.php unrestricted upload — DAR-7000 | 6.3 | Medium | 2023-09-25 |
| CVE-2023-5148 | D-Link DAR-7000/DAR-8000 uploadfile.php unrestricted upload — DAR-7000 | 6.3 | Medium | 2023-09-25 |
| CVE-2023-5147 | D-Link DAR-7000 updateos.php unrestricted upload — DAR-7000 | 6.3 | Medium | 2023-09-25 |
| CVE-2023-5146 | D-Link DAR-7000/DAR-8000 updatelib.php unrestricted upload — DAR-7000 | 6.3 | Medium | 2023-09-25 |
| CVE-2023-5145 | D-Link DAR-7000 licence.php unrestricted upload — DAR-7000 | 6.3 | Medium | 2023-09-24 |
| CVE-2023-5144 | D-Link DAR-7000/DAR-8000 updateos.php unrestricted upload — DAR-7000 | 6.3 | Medium | 2023-09-24 |
| CVE-2023-40183 | DataEase has a vulnerability to obtain user cookies — dataease | 7.5 | High | 2023-09-21 |
| CVE-2023-5034 | SourceCodester My Food Recipe Image Upload index.php unrestricted upload — My Food Recipe | 6.3 | Medium | 2023-09-18 |
| CVE-2023-4988 | Bettershop LaikeTui unrestricted upload — LaikeTui | 6.3 | Medium | 2023-09-15 |
| CVE-2023-30962 | Stored XSS in cerberus attachments — com.palantir.acme.cerberus:cerberus | 6.8 | Medium | 2023-09-12 |
| CVE-2023-40731 | Siemens QMS Automotive code issue vulnerability — QMS Automotive | 5.7 | Medium | 2023-09-12 |
| CVE-2023-42472 | Insufficient File type validation in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) | 8.7 | High | 2023-09-12 |
| CVE-2023-3375 | Unrestricted File Upload in Bookreen — Bookreen | 7.2 | High | 2023-09-05 |

2018 CVEs are classified as CWE-434 (Unrestricted Upload of File with Dangerous Type). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.