Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-14657

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-08 Oct, 2019 | 12:02
Updated At-05 Aug, 2024 | 00:19
Rejected At-
Credits

Yealink phones through 2019-08-04 have an issue with OpenVPN file upload. They execute tar as root to extract files, but do not validate the extraction directory. Creating a tar file with ../../../../ allows replacement of almost any file on a phone. This leads to password replacement and arbitrary code execution as root.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:08 Oct, 2019 | 12:02
Updated At:05 Aug, 2024 | 00:19
Rejected At:
▼CVE Numbering Authority (CNA)

Yealink phones through 2019-08-04 have an issue with OpenVPN file upload. They execute tar as root to extract files, but do not validate the extraction directory. Creating a tar file with ../../../../ allows replacement of almost any file on a phone. This leads to password replacement and arbitrary code execution as root.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://cerebusforensics.com/yealink/exploit.html
x_refsource_MISC
https://sway.office.com/3pCb559LYVuT0eig
x_refsource_MISC
Hyperlink: http://cerebusforensics.com/yealink/exploit.html
Resource:
x_refsource_MISC
Hyperlink: https://sway.office.com/3pCb559LYVuT0eig
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://cerebusforensics.com/yealink/exploit.html
x_refsource_MISC
x_transferred
https://sway.office.com/3pCb559LYVuT0eig
x_refsource_MISC
x_transferred
Hyperlink: http://cerebusforensics.com/yealink/exploit.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://sway.office.com/3pCb559LYVuT0eig
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:08 Oct, 2019 | 13:15
Updated At:18 Oct, 2019 | 14:47

Yealink phones through 2019-08-04 have an issue with OpenVPN file upload. They execute tar as root to extract files, but do not validate the extraction directory. Creating a tar file with ../../../../ allows replacement of almost any file on a phone. This leads to password replacement and arbitrary code execution as root.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.09.0HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
CPE Matches

yeahlink
yeahlink
>>vp59>>-
cpe:2.3:h:yeahlink:vp59:-:*:*:*:*:*:*:*
yeahlink
yeahlink
>>vp59_firmware>>Versions up to 2019-08-04(inclusive)
cpe:2.3:o:yeahlink:vp59_firmware:*:*:*:*:*:*:*:*
yeahlink
yeahlink
>>t49g>>-
cpe:2.3:h:yeahlink:t49g:-:*:*:*:*:*:*:*
yeahlink
yeahlink
>>t49g_firmware>>Versions up to 2019-08-04(inclusive)
cpe:2.3:o:yeahlink:t49g_firmware:*:*:*:*:*:*:*:*
yeahlink
yeahlink
>>t58v>>-
cpe:2.3:h:yeahlink:t58v:-:*:*:*:*:*:*:*
yeahlink
yeahlink
>>t58v_firmware>>Versions up to 2019-08-04(inclusive)
cpe:2.3:o:yeahlink:t58v_firmware:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-22Primarynvd@nist.gov
CWE-434Primarynvd@nist.gov
CWE ID: CWE-22
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-434
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://cerebusforensics.com/yealink/exploit.htmlcve@mitre.org
Exploit
Third Party Advisory
https://sway.office.com/3pCb559LYVuT0eigcve@mitre.org
Exploit
Third Party Advisory
Hyperlink: http://cerebusforensics.com/yealink/exploit.html
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://sway.office.com/3pCb559LYVuT0eig
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1377Records found

CVE-2019-14656
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.98% / 78.17%
||
7 Day CHG~0.00%
Published-08 Oct, 2019 | 12:01
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Yealink phones through 2019-08-04 do not properly check user roles in POST requests. Consequently, the default User account (with a password of user) can make admin requests via HTTP.

Action-Not Available
Vendor-yeahlinkn/a
Product-vp59_firmwaret49g_firmwaret49gt58v_firmwaret58vvp59n/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-8066
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.5||HIGH
EPSS-1.11% / 62.03%
||
7 Day CHG~0.00%
Published-28 Nov, 2024 | 08:47
Updated-08 Apr, 2026 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File Manager Pro – Filester <= 1.8.6- Authenticated (Subscriber+) Arbitrary File Upload

The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due to missing validation in the 'fsConnector' function in all versions up to, and including, 1.8.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an Administrator, to upload a new .htaccess file allowing them to subsequently upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-NinjaTeam
Product-filesterFile Manager Pro – Filesterfilemanager_pro-filester
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-20220
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.2||HIGH
EPSS-1.07% / 60.86%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:09
Updated-26 Nov, 2024 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. To exploit these vulnerabilities, the attacker must have valid device credentials, but does not need Administrator privileges. These vulnerabilities are due to insufficient validation of user-supplied input for certain configuration options. An attacker could exploit these vulnerabilities by using crafted input within the device configuration GUI. A successful exploit could allow the attacker to execute arbitrary commands on the device, including on the underlying operating system, which could also affect the availability of the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_firewall_management_centerCisco Firepower Management Centerfirepower_management_center
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-7906
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.48% / 37.90%
||
7 Day CHG~0.00%
Published-18 Aug, 2024 | 13:31
Updated-27 Sep, 2024 | 17:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DedeBIZ Attachment Settings select_images_post.php get_mime_type unrestricted upload

A vulnerability classified as critical was found in DedeBIZ 6.3.0. This vulnerability affects the function get_mime_type of the file /admin/dialog/select_images_post.php of the component Attachment Settings. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-dedebizn/a
Product-dedebizDedeBIZ
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7943
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.70% / 48.57%
||
7 Day CHG~0.00%
Published-20 Aug, 2024 | 00:31
Updated-03 Sep, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
itsourcecode Laravel Property Management System PropertiesController.php upload unrestricted upload

A vulnerability was found in itsourcecode Laravel Property Management System 1.0 and classified as critical. This issue affects the function upload of the file PropertiesController.php. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Adones EvangelistaITSourceCode
Product-laravel_property_management_systemLaravel Property Management Systemlaravel_property_management_system
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7944
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.52% / 40.24%
||
7 Day CHG~0.00%
Published-20 Aug, 2024 | 01:00
Updated-21 Aug, 2024 | 15:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
itsourcecode Laravel Property Management System DocumentsController.php UpdateDocumentsRequest unrestricted upload

A vulnerability was found in itsourcecode Laravel Property Management System 1.0. It has been classified as critical. Affected is the function UpdateDocumentsRequest of the file DocumentsController.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Adones EvangelistaITSourceCode
Product-laravel_property_management_systemLaravel Property Management System
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-8126
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.5||HIGH
EPSS-0.95% / 56.80%
||
7 Day CHG+0.03%
Published-26 Sep, 2024 | 10:59
Updated-08 Apr, 2026 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Advanced File Manager <= 5.2.8 - Authenticated (Subscriber+) Arbitrary File Upload

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an Administrator, to upload a new .htaccess file allowing them to subsequently upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-advancedfilemanagersaadiqbalmodalweb
Product-advanced_file_managerAdvanced File Manager – Ultimate File Manager for WordPress And Document Library Solutionadvanced_file_manager
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-8104
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.96% / 57.13%
||
7 Day CHG~0.00%
Published-04 Sep, 2024 | 06:49
Updated-08 Apr, 2026 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Directory Traversal to Authenticated (Subscriber+) Arbitrary File Download

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0.8 via the download_file_ajax function. This makes it possible for authenticated attackers, with subscriber access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.

Action-Not Available
Vendor-wpextendedwpextendedwpextended
Product-wp_extendedThe Ultimate WordPress Toolkit – WP Extendedwp_extended
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-8614
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.9||CRITICAL
EPSS-0.76% / 50.92%
||
7 Day CHG~0.00%
Published-06 Nov, 2024 | 08:29
Updated-08 Apr, 2026 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP JobSearch <= 2.6.7 - Authenticated (Subscriber+) Arbitrary File Upload

The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_wp_handle_upload() function in all versions up to, and including, 2.6.7. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-eyecixeyecixeyecix
Product-jobsearch_wp_job_boardJobSearch WP Job Boardjobsearch_wp_job_board
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-8338
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.50% / 39.38%
||
7 Day CHG~0.00%
Published-30 Aug, 2024 | 14:31
Updated-25 Sep, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HFO4 shudong-share File Extension fileReceive.php unrestricted upload

A vulnerability was found in HFO4 shudong-share 2.4.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /includes/fileReceive.php of the component File Extension Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-hfo4HFO4hfo4
Product-shudong-shareshudong-shareshudong-share
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-8342
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.64% / 46.38%
||
7 Day CHG~0.00%
Published-30 Aug, 2024 | 15:31
Updated-24 Feb, 2026 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Petshop Management System add_client.php unrestricted upload

A vulnerability, which was classified as critical, has been found in SourceCodester Petshop Management System 1.0. This issue affects some unknown processing of the file /controllers/add_client.php. The manipulation of the argument image_profile leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-nelzkie15SourceCodester
Product-pet_shop_management_systemPetshop Management Systempetshop_management_system
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-8164
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.55% / 41.89%
||
7 Day CHG~0.00%
Published-26 Aug, 2024 | 13:31
Updated-24 Nov, 2025 | 07:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Chengdu Everbrite Network Technology BeikeShop FileManagerController.php rename unrestricted upload

A vulnerability was determined in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. This affects the function rename of the file /Admin/Http/Controllers/FileManagerController.php. This manipulation of the argument new_name causes unrestricted upload. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 1.6.0 is able to mitigate this issue. The affected component should be upgraded.

Action-Not Available
Vendor-beikeshopChengdu Everbrite Network Technologybeikeshop
Product-beikeshopBeikeShopchengdu_everbrite_network_technology
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-8463
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-9.9||CRITICAL
EPSS-0.51% / 39.91%
||
7 Day CHG~0.00%
Published-05 Sep, 2024 | 12:49
Updated-12 Sep, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File upload restriction bypass vulnerability in Job Portal

File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell.

Action-Not Available
Vendor-PHPGurukul LLP
Product-job_portalJob Portaljob_portal
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7904
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.66% / 47.29%
||
7 Day CHG~0.00%
Published-18 Aug, 2024 | 08:31
Updated-20 Aug, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DedeBIZ File Extension file_manage_control.php unrestricted upload

A vulnerability was found in DedeBIZ 6.3.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/file_manage_control.php of the component File Extension Handler. The manipulation of the argument upfile1 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-dedebizn/adedebiz
Product-dedebizDedeBIZdedebiz
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-3295
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-1.31% / 67.12%
||
7 Day CHG~0.00%
Published-17 Jun, 2023 | 01:48
Updated-08 Apr, 2026 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.66 - Authenticated (Contributor+) Arbitrary File Upload

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) for WordPress is vulnerable to arbitrary file uploads due to missing file type validation of files in the file manager functionality in versions up to, and including, 1.5.66 . This makes it possible for authenticated attackers, with contributor-level permissions and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The issue was partially patched in version 1.5.66 and fully patched in 1.5.67. CVE-2023-31231 appears to be a duplicate of this issue.

Action-Not Available
Vendor-unlimited-elementsunitecms
Product-unlimited_elements_for_elementorUnlimited Elements For Elementor
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-3274
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.94% / 56.57%
||
7 Day CHG~0.00%
Published-15 Jun, 2023 | 12:31
Updated-02 Aug, 2024 | 06:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
code-projects Supplier Management System Picture btn_functions.php unrestricted upload

A vulnerability classified as critical has been found in code-projects Supplier Management System 1.0. Affected is an unknown function of the file btn_functions.php of the component Picture Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231624.

Action-Not Available
Vendor-supplier_management_system_projectSource Code & Projects
Product-supplier_management_systemSupplier Management System
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7985
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.5||HIGH
EPSS-2.23% / 80.66%
||
7 Day CHG~0.00%
Published-29 Oct, 2024 | 15:31
Updated-08 Apr, 2026 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FileOrganizer <= 1.0.9 - Authenticated (Subscriber+) Arbitrary File Upload

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizer_ajax_handler" function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, and permissions granted by an administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible. NOTE: The FileOrganizer Pro plugin must be installed and active to allow Subscriber+ users to upload files.

Action-Not Available
Vendor-fileorganizersoftaculoussoftaculous
Product-fileorganizerFileOrganizer – WordPress File Managerfileorganizer
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-8330
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.55% / 41.98%
||
7 Day CHG~0.00%
Published-30 Aug, 2024 | 02:29
Updated-05 Sep, 2024 | 13:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gether Technology 6SHR System - Unrestricted File Upload

6SHR system from Gether Technology does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload web shell scripts and use them to execute arbitrary system commands on the server.

Action-Not Available
Vendor-6shr_system_projectGether Technologygethertechnology
Product-6shr_system6SHR System6shr
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7770
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-1.07% / 60.69%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 10:59
Updated-08 Apr, 2026 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.5 - Authenticated (Subscriber+) Arbitrary File Upload

The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 6.5.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted upload permissions by an administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-bitappsbitpressadminbitpressadmin
Product-file_managerFile Managerbit_file_manager_wordpress
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7192
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.62% / 45.33%
||
7 Day CHG~0.00%
Published-29 Jul, 2024 | 09:00
Updated-23 Aug, 2024 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
itsourcecode Society Management System student.php unrestricted upload

A vulnerability, which was classified as critical, was found in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/student.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272613 was assigned to this vulnerability.

Action-Not Available
Vendor-Angel Jude Reyes SuarezITSourceCode
Product-society_management_systemSociety Management Systemsociety_management_system
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7340
Matching Score-4
Assigner-JFrog
ShareView Details
Matching Score-4
Assigner-JFrog
CVSS Score-8.8||HIGH
EPSS-4.97% / 91.15%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 15:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
W&B Weave server remote arbitrary file leak and privilege escalation

The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.

Action-Not Available
Vendor-weights_\&_biases
Product-weave
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-42840
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-58.95% / 99.00%
||
7 Day CHG~0.00%
Published-22 Oct, 2021 | 18:20
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled PHP file under the web root, because only the all-lowercase PHP file extensions were blocked. NOTE: this issue exists because of an incomplete fix for CVE-2020-28328.

Action-Not Available
Vendor-n/aSalesAgility Ltd.
Product-suitecrmn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7384
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.5||HIGH
EPSS-0.96% / 57.15%
||
7 Day CHG~0.00%
Published-22 Aug, 2024 | 02:02
Updated-08 Apr, 2026 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AcyMailing <= 9.7.2 - Authenticated (Subscriber+) Arbitrary File Upload via acym_extractArchive Function

The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the acym_extractArchive function in all versions up to, and including, 9.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-AcyMailing (Altavia Jetpulp SAS, formerly ACYBA)
Product-acymailingAcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPressacymailing
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7149
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-1.03% / 59.38%
||
7 Day CHG+0.03%
Published-27 Sep, 2024 | 13:52
Updated-08 Apr, 2026 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Event Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.8 - Authenticated (Contributor+) Local File Inclusion

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.8 via multiple style parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

Action-Not Available
Vendor-themewinterarrayticsthemewinter
Product-eventinEventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)eventin
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2026-41463
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-1.08% / 61.08%
||
7 Day CHG~0.00%
Published-27 Apr, 2026 | 15:09
Updated-14 May, 2026 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ProjeQtor < 12.4.4 ZipSlip Path Traversal via uploadPlugin.php

ProjeQtor versions 7.0 through 12.4.3 contain a ZipSlip path traversal vulnerability in the plugin upload functionality that allows authenticated attackers with upload permissions to write files outside the intended extraction directory by crafting ZIP archives with directory traversal sequences. Attackers can exploit unvalidated archive extraction to write a PHP webshell to a web-accessible directory and achieve remote code execution with the privileges of the web server process.

Action-Not Available
Vendor-ProjeQtor
Product-ProjeQtor
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-7506
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.69% / 48.24%
||
7 Day CHG~0.00%
Published-06 Aug, 2024 | 04:31
Updated-11 Sep, 2024 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
itsourcecode Tailoring Management System setlogo.php unrestricted upload

A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /setlogo.php. The manipulation of the argument bgimg leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273649 was assigned to this vulnerability.

Action-Not Available
Vendor-Angel Jude Reyes SuarezITSourceCode
Product-tailoring_management_systemTailoring Management Systemtailoring_management_system
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7146
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.96% / 57.11%
||
7 Day CHG~0.00%
Published-16 Aug, 2024 | 10:59
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JetTabs <= 2.2.3 - Authenticated (Contributor+) Arbitrary Local File Inclusion

The JetTabs for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.3 via the 'switcher_preset' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

Action-Not Available
Vendor-Crocoblockcrocoblock
Product-JetTabsjettabs_for_elementor
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-6823
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-1.30% / 66.86%
||
7 Day CHG~0.00%
Published-13 Aug, 2024 | 05:30
Updated-08 Apr, 2026 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Media Library Assistant <= 3.18 - Authenticated (Author+) Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action

The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation involving the mla-inline-edit-upload-scripts AJAX action in all versions up to, and including, 3.18. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-davidlingrendglingrendavidlingren
Product-media_library_assistantMedia Library Assistantmedia_library_assistant
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7855
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-15.02% / 96.31%
||
7 Day CHG~0.00%
Published-02 Oct, 2024 | 04:31
Updated-08 Apr, 2026 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Hotel Booking <= 2.1.2 - Authenticated (Subscriber+) Arbitrary File Upload

The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_review() function in all versions up to, and including, 2.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-ThimPress (PhysCode)
Product-wp_hotel_bookingWP Hotel Bookingwp_hotel_booking
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-6958
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.63% / 45.99%
||
7 Day CHG~0.00%
Published-21 Jul, 2024 | 15:00
Updated-21 Aug, 2024 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
itsourcecode University Management System Avatar File st_update.php unrestricted upload

A vulnerability classified as critical was found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /st_update.php of the component Avatar File Handler. The manipulation of the argument personal_image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272080.

Action-Not Available
Vendor-Angel Jude Reyes SuarezITSourceCode
Product-university_management_systemUniversity Management Systemuniversity_management_system
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7450
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.62% / 45.61%
||
7 Day CHG~0.00%
Published-04 Aug, 2024 | 03:00
Updated-09 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
itsourcecode Placement Management System Image resume_upload.php unrestricted upload

A vulnerability has been found in itsourcecode Placement Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /resume_upload.php of the component Image Handler. The manipulation of the argument fileToUpload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273541 was assigned to this vulnerability.

Action-Not Available
Vendor-Angel Jude Reyes SuarezITSourceCode
Product-placement_management_systemPlacement Management Systemplacement_management_system
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2014-1214
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.32% / 89.98%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 20:36
Updated-06 Aug, 2024 | 09:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and (2) arbitrary extension in the Filename parameter.

Action-Not Available
Vendor-projoomn/a
Product-smart_flash_headern/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-7145
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.90% / 55.32%
||
7 Day CHG~0.00%
Published-16 Aug, 2024 | 13:48
Updated-08 Apr, 2026 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JetElements <= 2.6.20 - Authenticated (Contributor+) Arbitrary Local File Inclusion

The JetElements plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.6.20 via the 'progress_type' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

Action-Not Available
Vendor-crocoblockCrocoblockcrocoblock
Product-jetelementsJetElementsjetelements
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-58281
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.79% / 51.92%
||
7 Day CHG~0.00%
Published-10 Dec, 2025 | 21:13
Updated-07 Apr, 2026 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dotclear 2.29 Remote Code Execution via Authenticated File Upload

Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload process by crafting a PHP shell with a command execution form to gain system access through the uploaded file.

Action-Not Available
Vendor-dotcleardotclear
Product-dotclearDotclear
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-2034
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.1||CRITICAL
EPSS-73.25% / 99.39%
||
7 Day CHG~0.00%
Published-14 Apr, 2023 | 00:00
Updated-06 Feb, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unrestricted Upload of File with Dangerous Type in froxlor/froxlor

Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14.

Action-Not Available
Vendor-froxlorfroxlor
Product-froxlorfroxlor/froxlor
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-6431
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.79% / 51.66%
||
7 Day CHG~0.00%
Published-27 Jul, 2024 | 01:51
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Media.net Ads Manager <= 2.10.13 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload

The Media.net Ads Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and missing capability check in the 'sendMail' function in all versions up to, and including, 2.10.13. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability is only exploitable if anyone has ever logged in through the API.

Action-Not Available
Vendor-mnetadmanagermedianet
Product-Media.net Ads Managerads_manager
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2014-0632
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-9||HIGH
EPSS-4.50% / 90.34%
||
7 Day CHG~0.00%
Published-28 Mar, 2014 | 19:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote authenticated users to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-vplex_geosynchronyn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-6707
Matching Score-4
Assigner-KoreLogic Security
ShareView Details
Matching Score-4
Assigner-KoreLogic Security
CVSS Score-7.5||HIGH
EPSS-1.00% / 58.71%
||
7 Day CHG~0.00%
Published-07 Aug, 2024 | 23:04
Updated-08 Aug, 2024 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Open WebUI Arbitrary File Upload + Path Traversal

Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability.

Action-Not Available
Vendor-openwebuiOpen WebUIopenwebuiDebian GNU/Linux
Product-debian_linuxopen_webuiOpen WebUIopen_webui
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-5853
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.9||CRITICAL
EPSS-0.79% / 51.70%
||
7 Day CHG~0.00%
Published-19 Jun, 2024 | 05:37
Updated-08 Apr, 2026 | 19:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Image Optimizer, Resizer and CDN – Sirv <= 7.2.6 - Authenticated (Contributor+) Arbitrary File Upload

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sirv_upload_file_by_chanks AJAX action in all versions up to, and including, 7.2.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-sirvsirvsirv
Product-sirvImage Optimizer, Resizer and CDN – Sirvimage_optimizer\,_resizer_and_cdn
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-20130
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-31.62% / 98.08%
||
7 Day CHG~0.00%
Published-13 Oct, 2021 | 17:30
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.

Action-Not Available
Vendor-n/aZoho Corporation Pvt. Ltd.
Product-manageengine_admanager_plusManageEngine ADManager Plus Build 7111
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-6054
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.79% / 51.92%
||
7 Day CHG~0.00%
Published-27 Jun, 2024 | 02:03
Updated-08 Apr, 2026 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Auto Featured Image <= 1.2 - Authenticated (Contributor+) Arbitrary File Upload

The Auto Featured Image plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'create_post_attachment_from_url' function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-auto-featured-image_projectka-yuekayueyeung
Product-auto-featured-imageAuto Featured Imageauto_featured_image
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-20131
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-16.04% / 96.52%
||
7 Day CHG~0.00%
Published-13 Oct, 2021 | 17:30
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.

Action-Not Available
Vendor-n/aZoho Corporation Pvt. Ltd.
Product-manageengine_admanager_plusManageEngine ADManager Plus Build 7111
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-6319
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.95% / 56.83%
||
7 Day CHG~0.00%
Published-04 Jul, 2024 | 08:32
Updated-08 Apr, 2026 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IMGspider <= 2.3.10 - Authenticated (Contributor+) Arbitrary File Upload via 'upload'

The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 2.3.10. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-wboltwboltwbolt
Product-imgspiderIMGspider – 图片采集抓取插件imgspider
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-58279
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-0.82% / 52.82%
||
7 Day CHG~0.00%
Published-10 Dec, 2025 | 21:12
Updated-07 Apr, 2026 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
appRain CMF 4.0.5 Authenticated Remote Code Execution via Filemanager Upload

appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by uploading a crafted PHP file to the site's uploads directory.

Action-Not Available
Vendor-apprainapprain
Product-apprainappRain CMF
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-6132
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-1.37% / 68.61%
||
7 Day CHG~0.00%
Published-19 Jun, 2024 | 05:37
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pexels: Free Stock Photos <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload

The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexels_fsp_images_options_validate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-raajtramraajtram
Product-Pexels: Free Stock Photospexels
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-6161
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.79% / 51.67%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 07:38
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Default Thumbnail Plus <= 1.0.2.3 - Authenticated (Contributor+) Arbitrary File Upload

The Default Thumbnail Plus plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'get_cache_image' function in all versions up to, and including, 1.0.2.3. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-pjgalbraithpjgalbraith
Product-Default Thumbnail Plusdefault_thumbnail_plus
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-41938
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.54% / 41.54%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 18:42
Updated-25 May, 2026 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vvveb < 1.0.8.2 RCE via Media Upload Handler

Vvveb before version 1.0.8.2 contains an unrestricted file upload vulnerability in the media upload handler that allows authenticated users with media-upload permissions to bypass extension restrictions by uploading a .htaccess file to map .phtml extensions to the PHP handler. Attackers can upload a .phtml file containing arbitrary PHP code and execute the uploaded payload through a subsequent unauthenticated HTTP GET request to the uploaded file, resulting in remote code execution with web server privileges.

Action-Not Available
Vendor-givanz
Product-Vvveb
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-6315
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.97% / 57.57%
||
7 Day CHG~0.00%
Published-06 Aug, 2024 | 01:49
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Blox Page Builder <= 1.0.65 - Authenticated (Contributor+) Arbitrary File Upload

The Blox Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handleUploadFile' function in all versions up to, and including, 1.0.65. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-unitecmsunitecms
Product-Blox Page Builderblox_page_builder
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-6117
Matching Score-4
Assigner-ZUSO Advanced Research Team (ZUSO ART)
ShareView Details
Matching Score-4
Assigner-ZUSO Advanced Research Team (ZUSO ART)
CVSS Score-9.3||CRITICAL
EPSS-0.52% / 40.54%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 04:20
Updated-30 Aug, 2024 | 17:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hamastar MeetingHub Paperless Meetings - Unrestricted Upload of File with Dangerous Type

A Unrestricted upload of file with dangerous type vulnerability in meeting management function in Hamastar MeetingHub Paperless Meetings 2021 allows remote authenticated users to perform arbitrary system commands via a crafted ASP file.

Action-Not Available
Vendor-hamastarHamastar Technologyhamastar
Product-meetinghub_paperless_meetingsMeetingHub Paperless Meetingsmeetinghub_paperless_meetings
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-17046
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-4.42% / 90.18%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 14:04
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ilch 2.1.22 allows remote code execution because php is listed under "Allowed files" on the index.php/admin/media/settings/index page.

Action-Not Available
Vendor-ilchn/a
Product-ilch_cmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 27
  • 28
  • Next
Details not found