Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-434 (危险类型文件的不加限制上传) — Vulnerability Class 2018

2018 vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-4739 Byzoro Smart S85F Management Platform updateos.php unrestricted upload — Smart S85F Management Platform 6.3 Medium2023-09-03
CVE-2023-4596 Forminator <= 1.24.6 - Unauthenticated Arbitrary File Upload — Forminator Forms – Contact Form, Payment Form & Custom Form Builder 9.8 Critical2023-08-30
CVE-2023-38029 Saho ADM100&ADM-100FP - Arbitrary File Upload — ADM100 9.8 Critical2023-08-28
CVE-2023-4559 Bettershop LaikeTui POST Request unrestricted upload — LaikeTui 6.3 Medium2023-08-27
CVE-2023-32757 e-Excellence U-Office Force - Arbitrary File Upload — U-Office Force 9.8 Critical2023-08-25
CVE-2023-24517 Remote Code Execution via Unrestricted File Upload — Pandora FMS 6.4 Medium2023-08-22
CVE-2023-4409 NBS&HappySoftWeChat unrestricted upload — NBS&HappySoftWeChat 6.3 Medium2023-08-18
CVE-2023-39970 Extension - acymailing.com - RCE in AcyMailing component for Joomla 6.7.0-8.5.0 — AcyMailing component for Joomla 9.8 -2023-08-17
CVE-2023-4186 SourceCodester Pharmacy Management System manage_website.php unrestricted upload — Pharmacy Management System 6.3 Medium2023-08-06
CVE-2023-39346 bjrjk/LinuxASMCallGraph before commit 20dba06 allows attackers to cause a RCE on the server side via uploading a crafted ZIP file due to incorrect filtering rules of uploaded file — LinuxASMCallGraph 8.8 High2023-08-04
CVE-2023-4159 Unrestricted Upload of File with Dangerous Type in omeka/omeka-s — omeka/omeka-s 8.8 -2023-08-04
CVE-2023-4121 Byzoro Smart S85F Management Platform unrestricted upload — Smart S85F Management Platform 6.3 Medium2023-08-03
CVE-2023-31428 CLI allows upload or transfer files of dangerous types — Fabric OS 5.5 Medium2023-08-01
CVE-2023-32225 Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type — Sysaid 9.8 Critical2023-07-30
CVE-2023-3486 PaperCut NG Unauthenticated File Upload — PaperCut NG 8.2 High2023-07-25
CVE-2023-3852 OpenRapid RapidCMS upload.php unrestricted upload — RapidCMS 4.7 Medium2023-07-23
CVE-2023-3836 Dahua Smart Park Management unrestricted upload — Smart Park Management 6.3 Medium2023-07-22
CVE-2023-3806 SourceCodester House Rental and Property Listing System btn_functions.php unrestricted upload — House Rental and Property Listing System 6.3 Medium2023-07-21
CVE-2023-3804 Chengdu Flash Flood Disaster Monitoring and Warning System FileHandler.ashx unrestricted upload — Flash Flood Disaster Monitoring and Warning System 5.5 Medium2023-07-21
CVE-2023-3802 Chengdu Flash Flood Disaster Monitoring and Warning System Ajaxfileupload.ashx unrestricted upload — Flash Flood Disaster Monitoring and Warning System 5.5 Medium2023-07-21
CVE-2023-3800 EasyAdmin8 File Upload Module index.html unrestricted upload — EasyAdmin8 3.9 Low2023-07-20
CVE-2023-3798 Chengdu Flash Flood Disaster Monitoring and Warning System upload.aspx unrestricted upload — Flash Flood Disaster Monitoring and Warning System 5.5 Medium2023-07-20
CVE-2023-3797 Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System UploadFloodPlanFileUpdate.ashx unrestricted upload — Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System 5.5 Medium2023-07-20
CVE-2023-3796 Bug Finder Foody Friend Profile Picture profile unrestricted upload — Foody Friend 4.3 Medium2023-07-20
CVE-2023-37289 InfoDoc Document On-line Submission and Approval System - Arbitrary File Upload — Document On-line Submission and Approval System 9.8 Critical2023-07-20
CVE-2023-3722 Avaya Aura Device Services Remote Code Execution — Aura Device Services 8.6 High2023-07-19
CVE-2023-35189 Iagona ScrutisWeb Unrestricted Upload of File with Dangerous Type — ScrutisWeb 10.0 Critical2023-07-18
CVE-2023-3692 Unrestricted Upload of File with Dangerous Type in admidio/admidio — admidio/admidio 8.8 -2023-07-16
CVE-2023-30791 Plane 0.7.1 - Insecure file upload — Plane 7.1 High2023-07-15
CVE-2023-34136 SonicWALL Analytics和GMS 代码问题漏洞 — GMS 7.5 -2023-07-13

Vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传) represent 2018 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.