CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-434

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1002016 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin flickr-picture-backup v0.7, The code in flickr-picture-download.php doesn't check to see if the user is authenticated or that they have permission to upload files.
2 CVE-2017-1002008 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
3 CVE-2017-1002003 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
4 CVE-2017-1002002 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
5 CVE-2017-1002001 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
6 CVE-2017-1002000 434 2017-09-14 2017-09-27
7.5
None Remote Low Not required Partial Partial Partial
Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.
7 CVE-2017-1000119 434 Exec Code 2017-10-04 2017-10-25
6.5
None Remote Low Single system Partial Partial Partial
October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise and possibly other applications on the server.
8 CVE-2017-15990 434 2017-10-31 2017-11-21
7.5
None Remote Low Not required Partial Partial Partial
Php Inventory & Invoice Management System allows Arbitrary File Upload via dashboard/edit_myaccountdetail/.
9 CVE-2017-15962 434 2017-10-29 2017-11-17
7.5
None Remote Low Not required Partial Partial Partial
iStock Management System 1.0 allows Arbitrary File Upload via user/profile.
10 CVE-2017-15957 434 2017-10-29 2017-11-17
6.5
None Remote Low Single system Partial Partial Partial
my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file.
11 CVE-2017-15580 434 2017-10-23 2017-11-21
7.5
None Remote Low Not required Partial Partial Partial
osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a .html extension changed to a .exe extension. An attacker can leverage this vulnerability to upload arbitrary files on the web application having malicious content.
12 CVE-2017-14958 434 Exec Code 2017-10-01 2017-10-06
6.5
None Remote Low Single system Partial Partial Partial
lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file.
13 CVE-2017-14841 434 2017-09-27 2017-10-05
4.0
None Remote Low Single system None Partial None
Mojoomla Annual Maintenance Contract (AMC) Management System allows Arbitrary File Upload in profilesetting image handling.
14 CVE-2017-14840 434 2017-09-27 2017-10-06
6.5
None Remote Low Single system Partial Partial Partial
TeamWork TicketPlus allows Arbitrary File Upload in updateProfile.
15 CVE-2017-14839 434 2017-09-27 2017-10-06
6.5
None Remote Low Single system Partial Partial Partial
TeamWork Photo Fusion allows Arbitrary File Upload in changeAvatar and changeCover.
16 CVE-2017-14838 434 2017-09-27 2017-10-06
6.5
None Remote Low Single system Partial Partial Partial
TeamWork Job Links allows Arbitrary File Upload in profileChange and coverChange.
17 CVE-2017-14704 434 Exec Code 2017-09-26 2017-10-10
6.5
None Remote Low Single system Partial Partial Partial
Multiple unrestricted file upload vulnerabilities in the (1) imageSubmit and (2) proof_submit functions in Claydip Laravel Airbnb Clone 1.0 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/profile.
18 CVE-2017-14399 434 2017-09-12 2017-09-19
6.5
None Remote Low Single system Partial Partial Partial
In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajax_rename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php.
19 CVE-2017-14346 434 Exec Code 2017-09-12 2017-09-26
7.5
None Remote Low Not required Partial Partial Partial
upload.php in tianchoy/blog through 2017-09-12 allows unrestricted file upload and PHP code execution by using the image/jpeg, image/pjpeg, image/png, or image/gif content type for a .php file.
20 CVE-2017-14251 434 Exec Code 2017-09-11 2017-09-15
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted File Upload vulnerability in the fileDenyPattern in sysext/core/Classes/Core/SystemEnvironmentBuilder.php in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 allows remote authenticated users to upload files with a .pht extension and consequently execute arbitrary PHP code.
21 CVE-2017-14123 434 2017-09-04 2017-09-13
9.0
None Remote Low Single system Complete Complete Complete
Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. Any user can upload files with any extensions. By uploading a PHP file to the server, an attacker can cause it to execute in the server context, as demonstrated by /itplus/FileStorage/302/shell.jsp.
22 CVE-2017-14079 434 Exec Code 2017-09-22 2017-09-29
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
23 CVE-2017-14050 434 Exec Code 2017-08-31 2017-09-01
6.5
None Remote Low Single system Partial Partial Partial
In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file.
24 CVE-2017-13982 434 Dir. Trav. 2017-09-29 2017-10-10
9.0
None Remote Low Single system Complete Complete Complete
A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files.
25 CVE-2017-12929 434 Exec Code 2017-09-21 2017-09-29
6.5
None Remote Low Single system Partial Partial Partial
Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 version >1.5.10 allows remote authenticated users to upload arbitrary files leading to Remote Command Execution.
26 CVE-2017-12617 434 Exec Code 2017-10-03 2017-11-09
6.8
None Remote Medium Not required Partial Partial Partial
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
27 CVE-2017-12615 434 Exec Code 2017-09-19 2017-11-10
6.8
None Remote Medium Not required Partial Partial Partial
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
28 CVE-2017-11756 434 Exec Code 2017-07-30 2017-08-04
6.0
None Remote Medium Single system Partial Partial Partial
In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4a in admin.php?iframe=config_upload, and then using user.php/music/add/ to upload the code.
29 CVE-2017-11466 434 Exec Code Dir. Trav. 2017-07-19 2017-07-25
9.0
None Remote Low Single system Complete Complete Complete
Arbitrary file upload vulnerability in com/dotmarketing/servlets/AjaxFileUploadServlet.class in dotCMS 4.1.1 allows remote authenticated administrators to upload .jsp files to arbitrary locations via directory traversal sequences in the fieldName parameter to servlets/ajax_file_upload. This results in arbitrary code execution by requesting the .jsp file at a /assets URI.
30 CVE-2017-11154 434 2017-08-08 2017-08-17
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter.
31 CVE-2017-9840 434 Exec Code 2017-06-25 2017-06-30
6.5
None Remote Low Single system Partial Partial Partial
Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context of the vulnerable application.
32 CVE-2017-9650 434 Exec Code 2017-08-25 2017-09-07
4.6
None Local Low Not required Partial Partial Partial
An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to upload a malicious file allowing the execution of arbitrary code.
33 CVE-2017-9380 434 Exec Code 2017-06-02 2017-06-08
6.5
None Remote Low Single system Partial Partial Partial
OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application.
34 CVE-2017-9364 434 Exec Code Bypass 2017-06-02 2017-06-06
7.5
None Remote Low Not required Partial Partial Partial
Unrestricted File Upload exists in BigTree CMS through 4.2.18: if an attacker uploads an 'xxx.pht' or 'xxx.phtml' file, they could bypass a safety check and execute any code.
35 CVE-2017-9101 434 Exec Code 2017-05-21 2017-06-01
7.5
None Remote Low Not required Partial Partial Partial
import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file.
36 CVE-2017-9080 434 Exec Code 2017-05-19 2017-06-01
7.5
None Remote Low Not required Partial Partial Partial
PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection.
37 CVE-2017-9069 434 Exec Code 2017-05-18 2017-05-30
6.5
None Remote Low Single system Partial Partial Partial
In MODX Revolution before 2.5.7, a user with file upload permissions is able to execute arbitrary code by uploading a file with the name .htaccess.
38 CVE-2017-7989 434 2017-04-25 2017-05-02
4.0
None Remote Low Single system None Partial None
In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden.
39 CVE-2017-7695 434 Exec Code Bypass 2017-04-11 2017-04-17
7.5
None Remote Low Not required Partial Partial Partial
Unrestricted File Upload exists in BigTree CMS before 4.2.17: if an attacker uploads an 'xxx.php[space]' file, they could bypass a safety check and execute any code.
40 CVE-2017-7357 434 Exec Code 2017-04-14 2017-04-25
6.5
None Remote Low Single system Partial Partial Partial
Hipchat Server before 2.2.3 allows remote authenticated users with Server Administrator level privileges to execute arbitrary code by importing a file.
41 CVE-2017-7281 434 Exec Code 2017-04-12 2017-04-20
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Unitrends Enterprise Backup before 9.1.2. A lack of sanitization of user input in the createReportName and saveReport functions in recoveryconsole/bpl/reports.php allows for an authenticated user to create a randomly named file on disk with a user-controlled extension, contents, and path, leading to remote code execution, aka Unrestricted File Upload.
42 CVE-2017-6902 434 2017-03-14 2017-03-16
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in 'file upload' modules in b2evolution 6.8.8 allows authenticated users to upload malicious code (shell) by visiting the admin.php?ctrl=files page, even though the system has restricted the .php extension.
43 CVE-2017-6090 434 Exec Code 2017-10-02 2017-10-11
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/.
44 CVE-2017-6041 434 2017-06-29 2017-07-07
7.5
None Remote Low Not required Partial Partial Partial
An Unrestricted Upload issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dual Cam v139, IPM3 Single Cam v132, P520, P574, SensorX13 QC flow line, SensorX23 QC Master, SensorX23 QC Slave, Speed Batcher, T374, T377, V36, V36B, and V36C; M3210 terminal associated with the same systems as the M3000 terminal identified above; M3000 desktop software associated with the same systems as the M3000 terminal identified above; MAC4 controller associated with the same systems as the M3000 terminal identified above; SensorX23 X-ray machine; SensorX25 X-ray machine; and MWS2 weighing system. This vulnerability allows an attacker to modify the operation and upload firmware changes without detection.
45 CVE-2017-6027 434 Exec Code 2017-05-18 2017-05-26
7.5
None Remote Low Not required Partial Partial Partial
An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web server request may allow the upload of arbitrary files (with a dangerous type) to the CODESYS Web Server without authorization which may allow remote code execution.
46 CVE-2017-4990 434 Exec Code 2017-06-21 2017-07-06
7.5
None Remote Low Not required Partial Partial Partial
In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously crafted file to any directory which could allow the attacker to execute arbitrary code on the Avamar Server system.
47 CVE-2017-3108 434 2017-08-11 2017-08-16
7.5
None Remote Low Not required Partial Partial Partial
Adobe Experience Manager 6.2 and earlier has a malicious file execution vulnerability.
48 CVE-2016-9268 434 Exec Code 2016-11-10 2016-11-29
9.0
None Remote Low Single system Complete Complete Complete
Unrestricted file upload vulnerability in the Blog appearance in the "Install or upgrade manually" module in Dotclear through 2.10.4 allows remote authenticated super-administrators to execute arbitrary code by uploading a theme file with an zip extension, and then accessing it via unspecified vectors.
49 CVE-2016-9187 434 Exec Code 2016-11-04 2016-11-29
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
50 CVE-2016-9186 434 Exec Code 2016-11-04 2016-11-29
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in the "legacy course files" and "file manager" modules in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors.
Total number of vulnerabilities : 80   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.