Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-50973

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-02 Jul, 2026 | 17:04
Updated At-02 Jul, 2026 | 19:44
Rejected At-
Credits

Yonyou KSOA 9.0 Unauthenticated File Upload RCE via ImageUpload Servlet

Yonyou KSOA 9.0 contains an unauthenticated arbitrary file upload vulnerability in the com.sksoft.bill.ImageUpload servlet that allows unauthenticated attackers to upload arbitrary files by submitting a POST request with attacker-controlled filepath and filename parameters without any authentication, file type, extension, or content validation. Attackers can upload a JSP webshell by specifying a malicious filename and root filepath, with the uploaded file stored under the pictures directory and directly executed by the web server, resulting in unauthenticated remote code execution. Exploitation evidence was first observed by the Shadowserver Foundation on 2023-11-07 (UTC).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:02 Jul, 2026 | 17:04
Updated At:02 Jul, 2026 | 19:44
Rejected At:
▼CVE Numbering Authority (CNA)
Yonyou KSOA 9.0 Unauthenticated File Upload RCE via ImageUpload Servlet

Yonyou KSOA 9.0 contains an unauthenticated arbitrary file upload vulnerability in the com.sksoft.bill.ImageUpload servlet that allows unauthenticated attackers to upload arbitrary files by submitting a POST request with attacker-controlled filepath and filename parameters without any authentication, file type, extension, or content validation. Attackers can upload a JSP webshell by specifying a malicious filename and root filepath, with the uploaded file stored under the pictures directory and directly executed by the web server, resulting in unauthenticated remote code execution. Exploitation evidence was first observed by the Shadowserver Foundation on 2023-11-07 (UTC).

Affected Products
Vendor
Yonyou Network Technology Co., Ltd.
Product
KSOA
Default Status
affected
Versions
Affected
  • 9.0 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-434Unrestricted Upload of File with Dangerous Type
Type: CWE
CWE ID: CWE-434
Description: Unrestricted Upload of File with Dangerous Type
Metrics
VersionBase scoreBase severityVector
4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

reporter
The Shadowserver Foundation
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://cn-sec.com/archives/1329088.html
technical-description
exploit
https://buaq.net/go-167023.html
exploit
technical-description
https://www.cnblogs.com/yang-miemie/p/17714927.html
technical-description
exploit
https://www.yonyou.com/
product
https://www.vulncheck.com/advisories/yonyou-ksoa-unauthenticated-file-upload-rce-via-imageupload-servlet
third-party-advisory
Hyperlink: https://cn-sec.com/archives/1329088.html
Resource:
technical-description
exploit
Hyperlink: https://buaq.net/go-167023.html
Resource:
exploit
technical-description
Hyperlink: https://www.cnblogs.com/yang-miemie/p/17714927.html
Resource:
technical-description
exploit
Hyperlink: https://www.yonyou.com/
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/yonyou-ksoa-unauthenticated-file-upload-rce-via-imageupload-servlet
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:02 Jul, 2026 | 17:16
Updated At:02 Jul, 2026 | 20:16

Yonyou KSOA 9.0 contains an unauthenticated arbitrary file upload vulnerability in the com.sksoft.bill.ImageUpload servlet that allows unauthenticated attackers to upload arbitrary files by submitting a POST request with attacker-controlled filepath and filename parameters without any authentication, file type, extension, or content validation. Attackers can upload a JSP webshell by specifying a malicious filename and root filepath, with the uploaded file stored under the pictures directory and directly executed by the web server, resulting in unauthenticated remote code execution. Exploitation evidence was first observed by the Shadowserver Foundation on 2023-11-07 (UTC).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
N/A
Type: Secondary
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-434Secondarydisclosure@vulncheck.com
CWE ID: CWE-434
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://buaq.net/go-167023.htmldisclosure@vulncheck.com
N/A
https://cn-sec.com/archives/1329088.htmldisclosure@vulncheck.com
N/A
https://www.cnblogs.com/yang-miemie/p/17714927.htmldisclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/yonyou-ksoa-unauthenticated-file-upload-rce-via-imageupload-servletdisclosure@vulncheck.com
N/A
https://www.yonyou.com/disclosure@vulncheck.com
N/A
Hyperlink: https://buaq.net/go-167023.html
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://cn-sec.com/archives/1329088.html
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.cnblogs.com/yang-miemie/p/17714927.html
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/yonyou-ksoa-unauthenticated-file-upload-rce-via-imageupload-servlet
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.yonyou.com/
Source: disclosure@vulncheck.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1230Records found

CVE-2016-10954
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.23% / 80.56%
||
7 Day CHG~0.00%
Published-13 Sep, 2019 | 12:16
Updated-06 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload.

Action-Not Available
Vendor-dynamicpressn/a
Product-neosensen/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-41347
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-8.7||HIGH
EPSS-0.30% / 21.69%
||
7 Day CHG~0.00%
Published-18 Nov, 2025 | 11:06
Updated-18 Feb, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este

Unlimited upload vulnerability for dangerous file types in WinPlus v24.11.27 from Informática del Este. This vulnerability allows an attacker to upload a 'webshell' by sending a POST request to '/WinplusPortal/ws/sWinplus.svc/json/uploadfile'.

Action-Not Available
Vendor-iestInformatica del Este
Product-winplusWinPlus
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2012-10036
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-1.51% / 71.35%
||
7 Day CHG~0.00%
Published-08 Aug, 2025 | 18:12
Updated-15 May, 2026 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Project Pier <= 0.8.8 Arbitrary File Upload RCE

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/upload_file.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. The uploaded file is stored with a predictable suffix and can be executed by requesting its URL, resulting in remote code execution.

Action-Not Available
Vendor-ProjectPier
Product-ProjectPier
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2016-10955
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.43% / 82.26%
||
7 Day CHG~0.00%
Published-13 Sep, 2019 | 12:17
Updated-06 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cysteme-finder plugin before 1.4 for WordPress has unrestricted file upload because of incorrect session tracking.

Action-Not Available
Vendor-cystemen/a
Product-cysteme-findern/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-7852
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 27.79%
||
7 Day CHG~0.00%
Published-11 Jun, 2026 | 11:36
Updated-11 Jun, 2026 | 15:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unrestricted File Upload in Limatek's LimRAD NAC

Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC allows Remote Code Inclusion. This issue affects LimRAD NAC: before 5.5.7.3.9.

Action-Not Available
Vendor-Limatek System Inc.
Product-LimRAD NAC
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2016-11020
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.88% / 85.16%
||
7 Day CHG~0.00%
Published-24 Feb, 2020 | 17:04
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution.

Action-Not Available
Vendor-kunenan/a
Product-kunenan/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-20451
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.72% / 93.89%
||
7 Day CHG+0.19%
Published-10 Feb, 2020 | 14:39
Updated-05 Aug, 2024 | 02:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials can be downloaded.)

Action-Not Available
Vendor-n/aSamsung
Product-prismview_system_9prismview_player_11n/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-6271
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.66% / 47.25%
||
7 Day CHG~0.00%
Published-14 May, 2026 | 06:44
Updated-14 May, 2026 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Career Section <= 1.7 - Unauthenticated Arbitrary File Upload

The Career Section plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7 via the CV upload handler. This is due to missing file type validation. This makes it possible for unauthenticated attackers to upload files that may be executable, which makes remote code execution possible.

Action-Not Available
Vendor-shahinurislam
Product-Career Section
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-21787
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.85% / 76.46%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 14:51
Updated-04 Aug, 2024 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php.

Action-Not Available
Vendor-crmebn/a
Product-crmebn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2018-1000544
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.50% / 90.33%
||
7 Day CHG~0.00%
Published-26 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 12:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be exploitable via If a site allows uploading of .zip files , an attacker can upload a malicious file that contains symlinks or files with absolute pathnames "../" to write arbitrary files to the filesystem..

Action-Not Available
Vendor-rubyzip_projectn/aDebian GNU/LinuxRed Hat, Inc.
Product-rubyzipdebian_linuxcloudformsn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-6960
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.67% / 47.54%
||
7 Day CHG~0.00%
Published-21 May, 2026 | 21:27
Updated-22 May, 2026 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BookingPress Pro <= 5.6 - Unauthenticated Arbitrary File Upload via Signature Custom Field

The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_booking_form_func' function in all versions up to, and including, 5.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. Note: The vulnerability can only be exploited if a signature custom field is added to the booking form.

Action-Not Available
Vendor-Repute Infosystems
Product-BookingPress Appointment Booking Pro
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-6885
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-9.3||CRITICAL
EPSS-0.50% / 39.01%
||
7 Day CHG~0.00%
Published-23 Apr, 2026 | 09:05
Updated-19 May, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BorG Technology Corporation|Borg SPM 2007 - Arbitrary File Upload

Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

Action-Not Available
Vendor-BorG Technology Corporation
Product-Borg SPM 2007
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2022-2647
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.66% / 47.19%
||
7 Day CHG~0.00%
Published-04 Aug, 2022 | 08:41
Updated-14 Apr, 2025 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
jeecg-boot unrestricted upload

A vulnerability was found in jeecg-boot. It has been declared as critical. This vulnerability affects unknown code of the file /api/. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205594 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-jeecgunspecified
Product-jeecg_bootjeecg-boot
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-6555
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.98% / 57.85%
||
7 Day CHG~0.00%
Published-20 May, 2026 | 01:25
Updated-23 Jun, 2026 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ProSolution WP Client <= 2.0.0 - Unauthenticated Arbitrary File Upload via 'files'

The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due to an array validation mismatch where only the first file in the upload array undergoes extension and MIME type validation, while all files are processed and uploaded to a web-accessible directory. This makes it possible for unauthenticated attackers to upload malicious PHP files and achieve remote code execution by sending a valid first file followed by a malicious file.

Action-Not Available
Vendor-prosolution
Product-ProSolution WP Client
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-6058
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-5.65% / 92.02%
||
7 Day CHG~0.00%
Published-12 Jul, 2025 | 04:22
Updated-08 Apr, 2026 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WPBookit <= 1.0.4 - Unauthenticated Arbitrary File Upload

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image_upload_handle() function hooked via the 'add_booking_type' route in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-iqonicdesign
Product-WPBookit
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-56290
Matching Score-4
Assigner-Joomla! Project
ShareView Details
Matching Score-4
Assigner-Joomla! Project
CVSS Score-10||CRITICAL
EPSS-0.33% / 24.80%
||
7 Day CHG~0.00%
Published-29 Jun, 2026 | 14:31
Updated-02 Jul, 2026 | 18:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.

Action-Not Available
Vendor-joomlackjoomlack.fr
Product-page_builder_ckJoomlaCK.fr Page Builder CK extension for Joomla
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2015-9499
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-14.77% / 96.27%
||
7 Day CHG~0.00%
Published-22 Oct, 2019 | 20:45
Updated-06 Aug, 2024 | 08:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive.

Action-Not Available
Vendor-themepunchn/a
Product-showbiz_pron/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-4336
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.1||HIGH
EPSS-1.12% / 62.32%
||
7 Day CHG~0.00%
Published-24 May, 2025 | 03:37
Updated-08 Apr, 2026 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file()

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_file() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. This is only exploitable by unauthenticated attackers in default configurations where the the default password is left as 1:1, or where the attacker gains access to the credentials.

Action-Not Available
Vendor-emagiconeemagicone
Product-emagicone_store_manager_for_woocommerceeMagicOne Store Manager for WooCommerce
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-4291
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.34% / 26.30%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 22:00
Updated-03 Oct, 2025 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IdeaCMS saveUpload unrestricted upload

A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is the function saveUpload. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-ideacmsn/a
Product-ideacmsIdeaCMS
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-59872
Matching Score-4
Assigner-HCL Software
ShareView Details
Matching Score-4
Assigner-HCL Software
CVSS Score-4.3||MEDIUM
EPSS-0.45% / 36.29%
||
7 Day CHG+0.11%
Published-17 Jun, 2026 | 12:32
Updated-26 Jun, 2026 | 15:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability,

HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability, If the server is configured to execute code, then it may be possible to obtain command execution on the server by uploading a file known as a web shell, which allows you to execute arbitrary code or operating system commands. For this attack to be successful, the file needs to be uploaded inside the Webroot, and the server must be configured to execute the code

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-zie_for_webZIE
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2015-9479
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.77% / 84.59%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 16:20
Updated-06 Aug, 2024 | 08:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php.

Action-Not Available
Vendor-advancedcustomfieldsn/a
Product-acf_fronted_displayn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-20287
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.83% / 84.87%
||
7 Day CHG~0.00%
Published-01 Feb, 2021 | 17:38
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution.

Action-Not Available
Vendor-yccmsn/a
Product-yccmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-44009
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.40% / 69.06%
||
7 Day CHG~0.00%
Published-02 Oct, 2023 | 00:00
Updated-23 Sep, 2024 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the Skin Management function.

Action-Not Available
Vendor-mojoportaln/a
Product-mojoportaln/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-57460
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 30.49%
||
7 Day CHG~0.00%
Published-29 Dec, 2025 | 00:00
Updated-31 Dec, 2025 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

File upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell.

Action-Not Available
Vendor-machsoln/a
Product-machpaneln/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-14037
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-Not Assigned
Published-02 Jul, 2026 | 17:03
Updated-02 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Redsea Cloud eHR Unauthenticated File Upload RCE via PtFjk.mob

Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution by uploading malicious files through the PtFjk.mob servlet endpoint. Attackers can submit a multipart POST request with a JSP webshell disguised using a spoofed image/jpeg Content-Type to bypass the absence of extension and MIME type validation, with the uploaded file stored at a predictable path under the uploadfile directory and executed directly by the web server. Exploitation evidence was first observed by the Shadowserver Foundation on 2024-11-03 (UTC).

Action-Not Available
Vendor-Guangzhou Red Sea Cloud Computing Co., Ltd.
Product-Red Sea Cloud eHR
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2022-26645
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.63% / 83.65%
||
7 Day CHG~0.00%
Published-30 Mar, 2022 | 22:23
Updated-16 Dec, 2025 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function.

Action-Not Available
Vendor-n/aoretnom23
Product-banking_systemn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-19634
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.15% / 89.62%
||
7 Day CHG~0.00%
Published-17 Dec, 2019 | 17:11
Updated-26 Jun, 2026 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.

Action-Not Available
Vendor-verot_projectjoomlaworksn/a
Product-verotk2n/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-18952
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-45.36% / 98.64%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 22:38
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP.

Action-Not Available
Vendor-sibsoftn/a
Product-xfilesharingn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-44974
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-19.06% / 96.97%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 00:00
Updated-23 Sep, 2024 | 13:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

Action-Not Available
Vendor-emlogn/a
Product-emlogn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-55835
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.12% / 62.31%
||
7 Day CHG~0.00%
Published-12 Sep, 2025 | 00:00
Updated-16 Oct, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code via the lack of filtering.

Action-Not Available
Vendor-sueamcms_projectn/a
Product-sueamcmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-5746
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.61% / 44.99%
||
7 Day CHG~0.00%
Published-02 Jul, 2025 | 03:47
Updated-08 Apr, 2026 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Drag and Drop Multiple File Upload (Pro) - WooCommerce <= 1.7.1 and 5.0 - 5.0.5 - Unauthenticated Arbitrary File Upload

The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dnd_upload_cf7_upload_chunks() function in version 5.0 - 5.0.5 (when bundled with the PrintSpace theme) and all versions up to, and including, 1.7.1 (in the standalone version). This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. The execution of PHP is disabled via a .htaccess file but is still possible in certain server configurations. CVE-2025-49885 may be a duplicate of this.

Action-Not Available
Vendor-CodeDropz
Product-Drag and Drop Multiple File Upload (Pro) - WooCommerce
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-19576
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-26.18% / 97.74%
||
7 Day CHG~0.00%
Published-04 Dec, 2019 | 17:33
Updated-26 Jun, 2026 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.

Action-Not Available
Vendor-verot_projectjoomlaworksn/a
Product-verotk2n/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-4259
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.40% / 31.94%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 02:00
Updated-10 Oct, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
newbee-mall UploadController.java upload unrestricted upload

A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this vulnerability is the function Upload of the file ltd/newbee/mall/controller/common/UploadController.java. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Action-Not Available
Vendor-newbee-mall_projectn/a
Product-newbee-mallnewbee-mall
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-44973
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 59.63%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 00:00
Updated-20 Sep, 2024 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

Action-Not Available
Vendor-emlogn/a
Product-emlogn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-55267
Matching Score-4
Assigner-HCL Software
ShareView Details
Matching Score-4
Assigner-HCL Software
CVSS Score-5.7||MEDIUM
EPSS-0.29% / 21.25%
||
7 Day CHG~0.00%
Published-26 Mar, 2026 | 13:01
Updated-26 Mar, 2026 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability

HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability, allows attacker to upload and execute malicious scripts, gaining full control over the server.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-aftermarket_cloudAftermarket DPC
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-55251
Matching Score-4
Assigner-HCL Software
ShareView Details
Matching Score-4
Assigner-HCL Software
CVSS Score-3.1||LOW
EPSS-0.18% / 7.38%
||
7 Day CHG~0.00%
Published-19 Jan, 2026 | 17:39
Updated-25 Apr, 2026 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL AION is affected by an Unrestricted File Upload vulnerability

HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-aionAION
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-54944
Matching Score-4
Assigner-ZUSO Advanced Research Team (ZUSO ART)
ShareView Details
Matching Score-4
Assigner-ZUSO Advanced Research Team (ZUSO ART)
CVSS Score-6.9||MEDIUM
EPSS-0.64% / 46.40%
||
7 Day CHG~0.00%
Published-30 Aug, 2025 | 03:45
Updated-30 Jan, 2026 | 04:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SUNNET Corporate Training Management System - Unrestricted Upload of File with Dangerous Type

An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which may lead to arbitrary code execution.

Action-Not Available
Vendor-sun.netSUNNET Technology Co., Ltd.
Product-ehrd_ctmsCorporate Training Management System
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-54762
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.3||CRITICAL
EPSS-0.49% / 38.73%
||
7 Day CHG~0.00%
Published-28 Aug, 2025 | 08:28
Updated-28 Aug, 2025 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges.

Action-Not Available
Vendor-DOS Co., Ltd.
Product-SS1
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-54440
Matching Score-4
Assigner-Samsung TV & Appliance
ShareView Details
Matching Score-4
Assigner-Samsung TV & Appliance
CVSS Score-9.8||CRITICAL
EPSS-0.50% / 39.22%
||
7 Day CHG~0.00%
Published-23 Jul, 2025 | 05:33
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-magicinfo_9_serverMagicINFO 9 Server
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-54449
Matching Score-4
Assigner-Samsung TV & Appliance
ShareView Details
Matching Score-4
Assigner-Samsung TV & Appliance
CVSS Score-9.8||CRITICAL
EPSS-0.61% / 44.82%
||
7 Day CHG~0.00%
Published-23 Jul, 2025 | 05:27
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-magicinfo_9_serverMagicINFO 9 Server
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-54442
Matching Score-4
Assigner-Samsung TV & Appliance
ShareView Details
Matching Score-4
Assigner-Samsung TV & Appliance
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 37.48%
||
7 Day CHG~0.00%
Published-23 Jul, 2025 | 05:34
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-magicinfo_9_serverMagicINFO 9 Server
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-54448
Matching Score-4
Assigner-Samsung TV & Appliance
ShareView Details
Matching Score-4
Assigner-Samsung TV & Appliance
CVSS Score-9.8||CRITICAL
EPSS-0.60% / 44.24%
||
7 Day CHG~0.00%
Published-23 Jul, 2025 | 05:31
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.

Action-Not Available
Vendor-Samsung Electronics
Product-MagicINFO 9 Server
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-19595
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.00% / 89.27%
||
7 Day CHG~0.00%
Published-05 Dec, 2019 | 15:25
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

reset/modules/advanced_form_maker_edit/multiupload/upload.php in the RESET.PRO Adobe Stock API integration 4.8 for PrestaShop allows remote attackers to execute arbitrary code by uploading a .php file.

Action-Not Available
Vendor-n/aAdobe Inc.PrestaShop S.A
Product-stock_api_integrationprestashopn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-40625
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-9.3||CRITICAL
EPSS-0.59% / 43.82%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 10:43
Updated-13 May, 2025 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple vulnerabilities in TCMAN's GIM

Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to upload any file within the server, even a malicious file to obtain a Remote Code Execution (RCE).

Action-Not Available
Vendor-tcmanTCMAN
Product-gimGIM
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-19594
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.00% / 89.27%
||
7 Day CHG~0.00%
Published-05 Dec, 2019 | 15:26
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

reset/modules/fotoliaFoto/multi_upload.php in the RESET.PRO Adobe Stock API Integration for PrestaShop 1.6 and 1.7 allows remote attackers to execute arbitrary code by uploading a .php file.

Action-Not Available
Vendor-n/aAdobe Inc.PrestaShop S.A
Product-stock_api_integrationprestashopn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-13675
Matching Score-4
Assigner-Drupal.org
ShareView Details
Matching Score-4
Assigner-Drupal.org
CVSS Score-9.8||CRITICAL
EPSS-1.22% / 64.91%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 15:45
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker might be able to upload files that bypass the file validation process implemented by modules on the site.

Action-Not Available
Vendor-The Drupal Association
Product-drupalCore
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-12843
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.31% / 67.10%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 15:20
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used.

Action-Not Available
Vendor-gogogaten/a
Product-ismartgate_pro_firmwareismartgate_pron/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2020-11722
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.92% / 89.07%
||
7 Day CHG~0.00%
Published-12 Apr, 2020 | 18:59
Updated-04 Aug, 2024 | 11:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.

Action-Not Available
Vendor-dungeon_crawl_stone_soup_projectn/a
Product-dungeon_crawl_stone_soupn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-42802
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-0.85% / 53.63%
||
7 Day CHG~0.00%
Published-02 Nov, 2023 | 13:32
Updated-05 Sep, 2024 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GLPI vulnerable to unallowed PHP script execution

GLPI is a free asset and IT management software package. Starting in version 10.0.7 and prior to version 10.0.10, an unverified object instantiation allows one to upload malicious PHP files to unwanted directories. Depending on web server configuration and available system libraries, malicious PHP files can then be executed through a web server request. Version 10.0.10 fixes this issue. As a workaround, remove write access on `/ajax` and `/front` files to the web server.

Action-Not Available
Vendor-GLPI Project
Product-glpiglpi
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-3830
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.41% / 33.09%
||
7 Day CHG~0.00%
Published-20 Apr, 2025 | 16:31
Updated-30 Apr, 2025 | 17:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
kuangstudy KuangSimpleBBS QuestionController.java fileUpload unrestricted upload

A vulnerability was found in kuangstudy KuangSimpleBBS 1.0. It has been declared as critical. Affected by this vulnerability is the function fileUpload of the file src/main/java/com/kuang/controller/QuestionController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-kuangstudykuangstudy
Product-kuangsimplebbsKuangSimpleBBS
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 24
  • 25
  • Next
Details not found