Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-36847

Summary
Assigner-Wordfence
Assigner Org ID-b15e7b5b-3da4-40ae-a43c-f7aa60e62599
Published At-12 Jul, 2025 | 09:24
Updated At-08 Apr, 2026 | 17:11
Rejected At-
Credits

Simple File List < 4.2.3 - Remote Code Execution

The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the server.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Wordfence
Assigner Org ID:b15e7b5b-3da4-40ae-a43c-f7aa60e62599
Published At:12 Jul, 2025 | 09:24
Updated At:08 Apr, 2026 | 17:11
Rejected At:
▼CVE Numbering Authority (CNA)
Simple File List < 4.2.3 - Remote Code Execution

The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the server.

Affected Products
Vendor
eemitch
Product
Simple File List
Default Status
unaffected
Versions
Affected
  • From 0 before 4.2.3 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-434CWE-434 Unrestricted Upload of File with Dangerous Type
Type: CWE
CWE ID: CWE-434
Description: CWE-434 Unrestricted Upload of File with Dangerous Type
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
coiffeur
Timeline
EventDate
Disclosed2020-11-02 00:00:00
Event: Disclosed
Date: 2020-11-02 00:00:00
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.wordfence.com/threat-intel/vulnerabilities/id/9eb835fd-6ebf-4162-856c-0366b663a07e?source=cve
N/A
https://plugins.trac.wordpress.org/changeset/2286920/simple-file-list
N/A
https://packetstormsecurity.com/files/160221/
N/A
https://www.cybersecurity-help.cz/vdb/SB2020042711
N/A
https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/
N/A
Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/9eb835fd-6ebf-4162-856c-0366b663a07e?source=cve
Resource: N/A
Hyperlink: https://plugins.trac.wordpress.org/changeset/2286920/simple-file-list
Resource: N/A
Hyperlink: https://packetstormsecurity.com/files/160221/
Resource: N/A
Hyperlink: https://www.cybersecurity-help.cz/vdb/SB2020042711
Resource: N/A
Hyperlink: https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/
exploit
Hyperlink: https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/
Resource:
exploit
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@wordfence.com
Published At:12 Jul, 2025 | 10:15
Updated At:29 Jul, 2025 | 20:37

The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the server.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches

simplefilelist
simplefilelist
>>simple_file_list>>Versions before 4.2.3(exclusive)
cpe:2.3:a:simplefilelist:simple_file_list:*:*:*:*:*:wordpress:*:*
Weaknesses
CWE IDTypeSource
CWE-434Secondarysecurity@wordfence.com
CWE ID: CWE-434
Type: Secondary
Source: security@wordfence.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://packetstormsecurity.com/files/160221/security@wordfence.com
Exploit
https://plugins.trac.wordpress.org/changeset/2286920/simple-file-listsecurity@wordfence.com
Patch
https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/security@wordfence.com
Exploit
Third Party Advisory
https://www.cybersecurity-help.cz/vdb/SB2020042711security@wordfence.com
Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/9eb835fd-6ebf-4162-856c-0366b663a07e?source=cvesecurity@wordfence.com
Third Party Advisory
https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit
Third Party Advisory
Hyperlink: https://packetstormsecurity.com/files/160221/
Source: security@wordfence.com
Resource:
Exploit
Hyperlink: https://plugins.trac.wordpress.org/changeset/2286920/simple-file-list
Source: security@wordfence.com
Resource:
Patch
Hyperlink: https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/
Source: security@wordfence.com
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.cybersecurity-help.cz/vdb/SB2020042711
Source: security@wordfence.com
Resource:
Third Party Advisory
Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/9eb835fd-6ebf-4162-856c-0366b663a07e?source=cve
Source: security@wordfence.com
Resource:
Third Party Advisory
Hyperlink: https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1204Records found

CVE-2020-12832
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.13% / 93.49%
||
7 Day CHG~0.00%
Published-13 May, 2020 | 17:52
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input.

Action-Not Available
Vendor-simplefilelistn/a
Product-simple-file-listn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-3962
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-1.37% / 68.59%
||
7 Day CHG~0.00%
Published-26 Apr, 2024 | 08:29
Updated-08 Apr, 2026 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Product Addons & Fields for WooCommerce <= 32.0.18 - Unauthenticated Arbitrary File Upload via ppom_upload_file

The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Successful exploitation requires the PPOM Pro plugin to be installed along with a WooCommerce product that contains a file upload field to retrieve the correct nonce.

Action-Not Available
Vendor-Themeisle
Product-product_addons_\&_fields_for_woocommercePPOM – Product Addons & Custom Fields for WooCommerceproduct_addons_\&_fields_for_woocommerce
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-43478
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-8.8||HIGH
EPSS-17.42% / 96.75%
||
7 Day CHG~0.00%
Published-20 Sep, 2023 | 13:03
Updated-24 Sep, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated configuration restore and firmware update

fake_upload.cgi on the Telstra Smart Modem Gen 2 (Arcadyan LH1000), firmware versions < 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution as root. 

Action-Not Available
Vendor-telstraTelstratelstra
Product-arcadyan_lh1000arcadyan_lh1000_firmwareSmart Modem Gen 2 (Arcadyan LH1000)arcadyan_lh1000
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-16192
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.08% / 79.22%
||
7 Day CHG~0.00%
Published-09 Sep, 2019 | 20:39
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonstrated by a .php file in a ZIP archive.

Action-Not Available
Vendor-doccmsn/a
Product-doccmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2014-125104
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.74% / 50.23%
||
7 Day CHG~0.00%
Published-01 Jun, 2023 | 13:00
Updated-05 Mar, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
VaultPress Plugin MailPoet Plugin class.vaultpress-hotfixes.php protect_aioseo_ajax unrestricted upload

A vulnerability was found in VaultPress Plugin up to 1.6.0 on WordPress. It has been declared as critical. Affected by this vulnerability is the function protect_aioseo_ajax of the file class.vaultpress-hotfixes.php of the component MailPoet Plugin. The manipulation leads to unrestricted upload. The attack can be launched remotely. Upgrading to version 1.6.1 is able to address this issue. The patch is named e3b92b14edca6291c5f998d54c90cbe98a1fb0e3. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230263.

Action-Not Available
Vendor-n/aAutomattic Inc.
Product-vaultpressVaultPress Plugin
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-41009
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.66% / 73.87%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 00:00
Updated-05 Jul, 2026 | 01:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

File Upload vulnerability in adlered bolo-solo v.2.6 allows a remote attacker to execute arbitrary code via a crafted script to the authorization field in the header.

Action-Not Available
Vendor-adleredn/a
Product-bolo-solon/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-44009
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.40% / 69.09%
||
7 Day CHG~0.00%
Published-02 Oct, 2023 | 00:00
Updated-23 Sep, 2024 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the Skin Management function.

Action-Not Available
Vendor-mojoportaln/a
Product-mojoportaln/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-9423
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.88% / 91.01%
||
7 Day CHG~0.00%
Published-18 Mar, 2020 | 21:04
Updated-04 Aug, 2024 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. Those documents could then be used for multiple tasks, such as version control, shared among users, applying tags, etc. This functionality could be abused by an unauthenticated attacker to upload an arbitrary file in a restricted folder. This would lead to the executions of malicious commands with root privileges.

Action-Not Available
Vendor-logicaldocn/a
Product-logicaldocn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-42802
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-0.85% / 53.68%
||
7 Day CHG~0.00%
Published-02 Nov, 2023 | 13:32
Updated-05 Sep, 2024 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GLPI vulnerable to unallowed PHP script execution

GLPI is a free asset and IT management software package. Starting in version 10.0.7 and prior to version 10.0.10, an unverified object instantiation allows one to upload malicious PHP files to unwanted directories. Depending on web server configuration and available system libraries, malicious PHP files can then be executed through a web server request. Version 10.0.10 fixes this issue. As a workaround, remove write access on `/ajax` and `/front` files to the web server.

Action-Not Available
Vendor-GLPI Project
Product-glpiglpi
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-7864
Matching Score-4
Assigner-KrCERT/CC
ShareView Details
Matching Score-4
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.96% / 57.10%
||
7 Day CHG~0.00%
Published-15 Jun, 2021 | 14:47
Updated-16 Sep, 2024 | 23:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Raonwiz DEXT5 Editor File upload and Execution vulnerability

Parameter manipulation can bypass authentication to cause file upload and execution. This will execute the remote code. This issue affects: Raonwiz DEXT5Editor versions prior to 3.5.1405747.1100.03.

Action-Not Available
Vendor-dext5RAONWIZ (Laonwiz Co., Ltd.)
Product-dext5_editorDEXT5Editor
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-43696
Matching Score-4
Assigner-SICK AG
ShareView Details
Matching Score-4
Assigner-SICK AG
CVSS Score-8.2||HIGH
EPSS-0.65% / 46.46%
||
7 Day CHG~0.00%
Published-09 Oct, 2023 | 11:51
Updated-18 Sep, 2024 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Access Control in SICK APU allows an unprivileged remote attacker to download as well as upload arbitrary files via anonymous access to the FTP server.

Action-Not Available
Vendor-SICK AG
Product-apu0200apu0200_firmwareAPU0200apu0200_firmware
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-56897
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.69% / 48.30%
||
7 Day CHG~0.00%
Published-24 Feb, 2025 | 00:00
Updated-03 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control in the HTTP server in YI Car Dashcam v3.88 allows unrestricted file downloads, uploads, and API commands. API commands can also be made to make unauthorized modifications to the device settings, such as disabling recording, disabling sounds, factory reset.

Action-Not Available
Vendor-yitechnologyn/a
Product-yi_car_dashcamyi_car_dashcam_firmwaren/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-6754
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-94.80% / 99.85%
||
7 Day CHG~0.00%
Published-05 Feb, 2020 | 16:08
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dotCMS before 5.2.4 is vulnerable to directory traversal, leading to incorrect access control. It allows an attacker to read or execute files under $TOMCAT_HOME/webapps/ROOT/assets (which should be a protected directory). Additionally, attackers can upload temporary files (e.g., .jsp files) into /webapps/ROOT/assets/tmp_upload, which can lead to remote command execution (with the permissions of the user running the dotCMS application).

Action-Not Available
Vendor-n/adotCMS, LLC
Product-dotcmsn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2014-0468
Matching Score-4
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-4
Assigner-Debian GNU/Linux
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 36.91%
||
7 Day CHG~0.00%
Published-26 Jun, 2025 | 20:39
Updated-06 Aug, 2025 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.

Action-Not Available
Vendor-fusionforgefusionforge
Product-fusionforgefusionforge
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-41998
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-9.8||CRITICAL
EPSS-15.27% / 96.37%
||
7 Day CHG~0.00%
Published-27 Nov, 2023 | 16:50
Updated-02 Aug, 2024 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arcserve UDP Unauthenticated RCE

Arcserve UDP prior to 9.2 contained a vulnerability in the com.ca.arcflash.rps.webservice.RPSService4CPMImpl interface. A routine exists that allows an attacker to upload and execute arbitrary files.

Action-Not Available
Vendor-Arcserve, LLC
Product-udpArcserve UDP
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-41505
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.79% / 51.75%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 00:00
Updated-28 May, 2025 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An arbitrary file upload vulnerability in the Add Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

Action-Not Available
Vendor-n/aSource Code & Projects
Product-student_enrollmentn/astudent_enrollment_in_php
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-57460
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 30.49%
||
7 Day CHG~0.00%
Published-29 Dec, 2025 | 00:00
Updated-31 Dec, 2025 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

File upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell.

Action-Not Available
Vendor-machsoln/a
Product-machpaneln/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-42286
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 58.01%
||
7 Day CHG~0.00%
Published-14 Mar, 2024 | 00:00
Updated-16 Apr, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a PHP file inclusion vulnerability in the template configuration of eyoucms v1.6.4, allowing attackers to execute code or system commands through a carefully crafted malicious payload.

Action-Not Available
Vendor-eyoucmsn/aeyoucms
Product-eyoucmsn/aeyoucms
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-41637
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.07% / 60.67%
||
7 Day CHG~0.00%
Published-31 Aug, 2023 | 00:00
Updated-01 Oct, 2024 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An arbitrary file upload vulnerability in the Carica immagine function of GruppoSCAI RealGimm 1.1.37p38 allows attackers to execute arbitrary code via uploading a crafted HTML file.

Action-Not Available
Vendor-grupposcain/a
Product-realgimmn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-4186
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.92% / 55.79%
||
7 Day CHG~0.00%
Published-06 Aug, 2023 | 13:31
Updated-09 Oct, 2024 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Pharmacy Management System manage_website.php unrestricted upload

A vulnerability was found in SourceCodester Pharmacy Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file manage_website.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-236221 was assigned to this vulnerability.

Action-Not Available
Vendor-pharmacy_management_system_projectSourceCodester
Product-pharmacy_management_systemPharmacy Management System
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-42017
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8||HIGH
EPSS-1.07% / 60.87%
||
7 Day CHG~0.00%
Published-22 Dec, 2023 | 16:02
Updated-02 Aug, 2024 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Planning Analytics file upload

IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, which could allow the attacker to execute arbitrary code on the vulnerable system. IBM X-Force ID: 265567.

Action-Not Available
Vendor-IBM Corporation
Product-planning_analyticsPlanning Analytics
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-41506
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.88% / 54.76%
||
7 Day CHG~0.00%
Published-27 Feb, 2024 | 00:00
Updated-20 Nov, 2025 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

Action-Not Available
Vendor-n/aphpSource Code & Projects
Product-student_enrollmentn/astudent_enrollment
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-40412
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.53% / 41.14%
||
7 Day CHG~0.00%
Published-22 May, 2026 | 22:03
Updated-19 Jun, 2026 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Orbital Spatio Remote Code Execution Vulnerability

Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_orbital_spatioAzure Orbital Spatio
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-36706
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-1.82% / 76.11%
||
7 Day CHG~0.00%
Published-20 Oct, 2023 | 06:35
Updated-08 Apr, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Simple:Press – WordPress Forum Plugin <= 6.6.0 - Arbitrary File Upload

The Simple:Press – WordPress Forum Plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ~/admin/resources/jscript/ajaxupload/sf-uploader.php file in versions up to, and including, 6.6.0. This makes it possible for attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.

Action-Not Available
Vendor-simple-presssimplepressthesimplepressforumteam
Product-simple\Simple:Press Forumsimple\:press_forum
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-36705
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-6.94% / 93.34%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 12:43
Updated-08 Apr, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adning Advertising <= 1.5.5 - Arbitrary File Upload

The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the _ning_upload_image function in versions up to, and including, 1.5.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.

Action-Not Available
Vendor-tunasitetunafish
Product-adning_advertisingAdning Advertising
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-36897
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-1.09% / 61.38%
||
7 Day CHG~0.00%
Published-10 Dec, 2025 | 21:02
Updated-17 Dec, 2025 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QiHang Media Web Digital Signage 3.0.9 Unauthenticated Remote Code Execution

QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated remote code execution vulnerability in the QH.aspx file that allows attackers to upload malicious ASPX scripts. Attackers can exploit the file upload functionality by using the 'remotePath' and 'fileToUpload' parameters to write and execute arbitrary system commands on the server.

Action-Not Available
Vendor-howforShenzhen Xingmeng Qihang Media Co., Ltd. Guangzhou Hefeng Automation Technology Co., Ltd.
Product-qihang_media_web_digital_signageQiHang Media Web Digital Signage
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-37090
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.77% / 51.24%
||
7 Day CHG~0.00%
Published-03 Feb, 2026 | 22:01
Updated-05 Mar, 2026 | 01:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
School ERP Pro 1.0 - Remote Code Execution

School ERP Pro 1.0 contains a file upload vulnerability that allows students to upload arbitrary PHP files to the messaging system. Attackers can upload malicious PHP scripts through the message attachment feature, enabling remote code execution on the server.

Action-Not Available
Vendor-aroxArox
Product-school_erp_proSchool ERP Pro
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-35949
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||CRITICAL
EPSS-4.93% / 91.09%
||
7 Day CHG~0.00%
Published-01 Jan, 2021 | 03:27
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution. If a quiz question could be answered by uploading a file, only the Content-Type header was checked during the upload, and thus the attacker could use text/plain for a .php file.

Action-Not Available
Vendor-expresstechn/a
Product-quiz_and_survey_mastern/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2013-2748
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-13.07% / 95.87%
||
7 Day CHG~0.00%
Published-28 Jan, 2020 | 19:49
Updated-06 Aug, 2024 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system.

Action-Not Available
Vendor-n/aBelkin International, Inc.
Product-wemo_switch_firmwarewemo_switchn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-4121
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-2.28% / 81.01%
||
7 Day CHG~0.00%
Published-03 Aug, 2023 | 09:31
Updated-02 Aug, 2024 | 07:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Byzoro Smart S85F Management Platform unrestricted upload

A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230722. It has been classified as critical. Affected is an unknown function. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235968. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-byzoroByzoro
Product-smart_s85fSmart S85F Management Platform
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-40980
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.06% / 60.46%
||
7 Day CHG~0.00%
Published-01 Sep, 2023 | 00:00
Updated-30 Sep, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file.

Action-Not Available
Vendor-diaowenn/a
Product-dwsurveyn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-36849
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-4.66% / 90.63%
||
7 Day CHG~0.00%
Published-12 Jul, 2025 | 11:23
Updated-08 Apr, 2026 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AIT CSV import/export <= 3.0.3 - Unauthenticated Arbitrary File Upload

The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for unauthorized attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.

Action-Not Available
Vendor-ait-themesAIT Themes
Product-csv_import_\/_exportAIT CSV import/export
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-40784
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.56% / 42.56%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 00:00
Updated-26 Sep, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.

Action-Not Available
Vendor-n/aDedeCMS
Product-dedecmsn/adedecms
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-36097
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.87% / 54.46%
||
7 Day CHG~0.00%
Published-22 Jun, 2023 | 00:00
Updated-02 Dec, 2024 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

funadmin v3.3.2 and v3.3.3 are vulnerable to Insecure file upload via the plugins install.

Action-Not Available
Vendor-funadminn/a
Product-funadminn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-35797
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.08% / 79.27%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:38
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an unauthenticated attacker.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-nms300_firmwarenms300n/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-35760
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.89% / 77.11%
||
7 Day CHG~0.00%
Published-16 Jun, 2021 | 15:52
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files).

Action-Not Available
Vendor-bloofoxn/a
Product-bloofoxcmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-38915
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.72% / 49.37%
||
7 Day CHG~0.00%
Published-15 Aug, 2023 | 00:00
Updated-09 Oct, 2024 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

File Upload vulnerability in Wolf-leo EasyAdmin8 v.1.0 allows a remote attacker to execute arbtirary code via the upload type function.

Action-Not Available
Vendor-wolf18n/a
Product-easyadmin8n/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-3891
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.84% / 53.52%
||
7 Day CHG~0.00%
Published-13 Mar, 2026 | 07:23
Updated-22 Apr, 2026 | 21:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pix for WooCommerce <= 1.5.0 - Unauthenticated Arbitrary File Upload

The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lkn_pix_for_woocommerce_c6_save_settings' function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-linknacional
Product-Pix for WooCommerce
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-55251
Matching Score-4
Assigner-HCL Software
ShareView Details
Matching Score-4
Assigner-HCL Software
CVSS Score-3.1||LOW
EPSS-0.18% / 7.38%
||
7 Day CHG~0.00%
Published-19 Jan, 2026 | 17:39
Updated-25 Apr, 2026 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL AION is affected by an Unrestricted File Upload vulnerability

HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-aionAION
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-21787
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.85% / 76.49%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 14:51
Updated-04 Aug, 2024 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php.

Action-Not Available
Vendor-crmebn/a
Product-crmebn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-35442
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.68% / 74.20%
||
7 Day CHG~0.00%
Published-02 Jun, 2021 | 21:40
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FDCMS (also known as Fangfa Content Management System) 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php.

Action-Not Available
Vendor-fangfan/a
Product-fdcmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-39970
Matching Score-4
Assigner-Joomla! Project
ShareView Details
Matching Score-4
Assigner-Joomla! Project
CVSS Score-9.8||CRITICAL
EPSS-0.88% / 54.64%
||
7 Day CHG~0.00%
Published-17 Aug, 2023 | 20:06
Updated-20 Oct, 2024 | 04:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Extension - acymailing.com - RCE in AcyMailing component for Joomla 6.7.0-8.5.0

Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. It allows remote code execution.

Action-Not Available
Vendor-AcyMailing (Altavia Jetpulp SAS, formerly ACYBA)
Product-acymailing_starterAcyMailing component for Joomla
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2013-2057
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.14% / 79.77%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 17:41
Updated-06 Aug, 2024 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability

Action-Not Available
Vendor-yabbYaBB
Product-yabbYaBB
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-3844
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-36.51% / 98.30%
||
7 Day CHG~0.00%
Published-23 Apr, 2026 | 02:25
Updated-23 Apr, 2026 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Breeze Cache <= 2.4.4 - Unauthenticated Arbitrary File Upload via fetch_gravatar_from_remote

The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fetch_gravatar_from_remote' function in all versions up to, and including, 2.4.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability can only be exploited if "Host Files Locally - Gravatars" is enabled, which is disabled by default.

Action-Not Available
Vendor-cloudways
Product-Breeze Cache
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-29597
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-71.67% / 99.34%
||
7 Day CHG~0.00%
Published-07 Dec, 2020 | 19:09
Updated-04 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server.

Action-Not Available
Vendor-incomcms_projectn/a
Product-incomcmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2013-10040
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-10||CRITICAL
EPSS-2.59% / 83.41%
||
7 Day CHG+0.11%
Published-31 Jul, 2025 | 14:53
Updated-15 May, 2026 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ClipBucket <= 2.6 ofc_upload_image.php Arbitrary File Upload RCE

ClipBucket version 2.6 and earlier contains a critical vulnerability in the ofc_upload_image.php script located at /admin_area/charts/ofc-library/. This endpoint allows unauthenticated users to upload arbitrary files, including executable PHP scripts. Once uploaded, the attacker can access the file via a predictable path and trigger remote code execution.

Action-Not Available
Vendor-clip-bucketClipBucket LLC
Product-clipbucketClipBucket
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-28165
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.09% / 61.25%
||
7 Day CHG~0.00%
Published-12 Aug, 2021 | 11:01
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. An attacker can upload arbitrary webshell to the server by using the downloadZipPackage() function.

Action-Not Available
Vendor-easycorpn/a
Product-zentaon/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-28871
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-85.78% / 99.70%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 00:00
Updated-04 Aug, 2024 | 16:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an insecure file upload.

Action-Not Available
Vendor-monitorrn/a
Product-monitorrn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-39346
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.93% / 56.17%
||
7 Day CHG~0.00%
Published-04 Aug, 2023 | 20:33
Updated-17 Oct, 2024 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
bjrjk/LinuxASMCallGraph before commit 20dba06 allows attackers to cause a RCE on the server side via uploading a crafted ZIP file due to incorrect filtering rules of uploaded file

LinuxASMCallGraph is software for drawing the call graph of the programming code. Linux ASMCallGraph before commit 20dba06bd1a3cf260612d4f21547c25002121cd5 allows attackers to cause a remote code execution on the server side via uploading a crafted ZIP file due to incorrect filtering rules of uploaded file. The problem has been patched in commit 20dba06bd1a3cf260612d4f21547c25002121cd5. There are no known workarounds.

Action-Not Available
Vendor-renjikaibjrjk
Product-linuxasmcallgraphLinuxASMCallGraph
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-35047
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.55% / 42.23%
||
7 Day CHG~0.00%
Published-06 Apr, 2026 | 17:25
Updated-10 Apr, 2026 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Brave CMS has Unrestricted File Upload in BraveCMS via CKEditor Endpoint

Brave CMS is an open-source CMS. Prior to 2.0.6, an Unrestricted File Upload vulnerability in the CKEditor endpoint allows attackers to upload arbitrary files, including executable scripts. This may lead to Remote Code Execution (RCE) on the server, potentially resulting in full system compromise, data exfiltration, or service disruption. All users running affected versions of BraveCMS are impacted. This vulnerability is fixed in 2.0.6.

Action-Not Available
Vendor-ajax30Ajax30
Product-bravecmsBraveCMS-2.0
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 24
  • 25
  • Next
Details not found