Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-4387

Summary
Assigner-Wordfence
Assigner Org ID-b15e7b5b-3da4-40ae-a43c-f7aa60e62599
Published At-10 Jun, 2025 | 03:41
Updated At-10 Jun, 2025 | 14:10
Rejected At-
Credits

Abandoned Cart Pro for WooCommerce <= 9.16.0 - Authenticated (Subscriber+) Arbitrary File Upload

The Abandoned Cart Pro for WooCommerce plugin contains an authenticated arbitrary file upload vulnerability due to missing file type validation in the wcap_add_to_cart_popup_upload_files function in all versions up to, and including, 9.16.0. This makes it possible for an authenticated attacker, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may allow for either remote or local code execution depending on the server configuration.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Wordfence
Assigner Org ID:b15e7b5b-3da4-40ae-a43c-f7aa60e62599
Published At:10 Jun, 2025 | 03:41
Updated At:10 Jun, 2025 | 14:10
Rejected At:
▼CVE Numbering Authority (CNA)
Abandoned Cart Pro for WooCommerce <= 9.16.0 - Authenticated (Subscriber+) Arbitrary File Upload

The Abandoned Cart Pro for WooCommerce plugin contains an authenticated arbitrary file upload vulnerability due to missing file type validation in the wcap_add_to_cart_popup_upload_files function in all versions up to, and including, 9.16.0. This makes it possible for an authenticated attacker, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may allow for either remote or local code execution depending on the server configuration.

Affected Products
Vendor
Tyche Softwares
Product
Abandoned Cart Pro for WooCommerce
Default Status
unaffected
Versions
Affected
  • From * through 9.16.0 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-434CWE-434 Unrestricted Upload of File with Dangerous Type
Type: CWE
CWE ID: CWE-434
Description: CWE-434 Unrestricted Upload of File with Dangerous Type
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

finder
Phil Wylie
Timeline
EventDate
Discovered2025-04-28 00:00:00
Vendor Notified2025-05-06 00:00:00
Disclosed2025-06-09 15:30:01
Event: Discovered
Date: 2025-04-28 00:00:00
Event: Vendor Notified
Date: 2025-05-06 00:00:00
Event: Disclosed
Date: 2025-06-09 15:30:01
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.wordfence.com/threat-intel/vulnerabilities/id/5d2f07bb-89b3-41d4-b606-9722deecf816?source=cve
N/A
https://www.tychesoftwares.com/products/woocommerce-abandoned-cart-pro-plugin/
N/A
https://www.tychesoftwares.com/docs/docs/abandoned-cart-pro-for-woocommerce-new/changelog-abandoned-cart-pro/#changelog-abandon-cart-pro-for-woocommerce-9-17-0-release-date-m
N/A
Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/5d2f07bb-89b3-41d4-b606-9722deecf816?source=cve
Resource: N/A
Hyperlink: https://www.tychesoftwares.com/products/woocommerce-abandoned-cart-pro-plugin/
Resource: N/A
Hyperlink: https://www.tychesoftwares.com/docs/docs/abandoned-cart-pro-for-woocommerce-new/changelog-abandoned-cart-pro/#changelog-abandon-cart-pro-for-woocommerce-9-17-0-release-date-m
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@wordfence.com
Published At:10 Jun, 2025 | 04:15
Updated At:12 Jun, 2025 | 16:06

The Abandoned Cart Pro for WooCommerce plugin contains an authenticated arbitrary file upload vulnerability due to missing file type validation in the wcap_add_to_cart_popup_upload_files function in all versions up to, and including, 9.16.0. This makes it possible for an authenticated attacker, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may allow for either remote or local code execution depending on the server configuration.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-434Primarysecurity@wordfence.com
CWE ID: CWE-434
Type: Primary
Source: security@wordfence.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://www.tychesoftwares.com/docs/docs/abandoned-cart-pro-for-woocommerce-new/changelog-abandoned-cart-pro/#changelog-abandon-cart-pro-for-woocommerce-9-17-0-release-date-msecurity@wordfence.com
N/A
https://www.tychesoftwares.com/products/woocommerce-abandoned-cart-pro-plugin/security@wordfence.com
N/A
https://www.wordfence.com/threat-intel/vulnerabilities/id/5d2f07bb-89b3-41d4-b606-9722deecf816?source=cvesecurity@wordfence.com
N/A
Hyperlink: https://www.tychesoftwares.com/docs/docs/abandoned-cart-pro-for-woocommerce-new/changelog-abandoned-cart-pro/#changelog-abandon-cart-pro-for-woocommerce-9-17-0-release-date-m
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://www.tychesoftwares.com/products/woocommerce-abandoned-cart-pro-plugin/
Source: security@wordfence.com
Resource: N/A
Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/5d2f07bb-89b3-41d4-b606-9722deecf816?source=cve
Source: security@wordfence.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

835Records found

CVE-2021-36121
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.67% / 81.82%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 13:58
Updated-04 Aug, 2024 | 00:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Echo ShareCare 8.15.5. The file-upload feature in Access/DownloadFeed_Mnt/FileUpload_Upd.cfm is susceptible to an unrestricted upload vulnerability via the name1 parameter, when processing remote input from an authenticated user, leading to the ability for arbitrary files to be written to arbitrary filesystem locations via ../ Directory Traversal on the Z: drive (a hard-coded drive letter where ShareCare application files reside) and remote code execution as the ShareCare service user (NT AUTHORITY\SYSTEM).

Action-Not Available
Vendor-echobhn/a
Product-sharecaren/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-4226
Matching Score-4
Assigner-STAR Labs SG Pte. Ltd.
ShareView Details
Matching Score-4
Assigner-STAR Labs SG Pte. Ltd.
CVSS Score-8.8||HIGH
EPSS-23.95% / 95.91%
||
7 Day CHG~0.00%
Published-28 Nov, 2023 | 07:21
Updated-02 Aug, 2024 | 07:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Chamilo LMS File Upload Functionality Remote Code Execution

Unrestricted file upload in `/main/inc/ajax/work.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files.

Action-Not Available
Vendor-chamiloChamilo
Product-chamilo_lmsChamilo
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-33828
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.54% / 67.03%
||
7 Day CHG~0.00%
Published-15 Jan, 2022 | 20:54
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection.

Action-Not Available
Vendor-n/aownCloud GmbH
Product-files_antivirusn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-34257
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.92% / 75.62%
||
7 Day CHG~0.00%
Published-31 Mar, 2022 | 15:57
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple Remote Code Execution (RCE) vulnerabilities exist in WPanel 4 4.3.1 and below via a malicious PHP file upload to (1) Dashboard's Avatar image, (2) Posts Folder image, (3) Pages Folder image and (4) Gallery Folder image.

Action-Not Available
Vendor-wpanel_cms_projectn/a
Product-wpanel_cmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-34128
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.74% / 72.58%
||
7 Day CHG~0.00%
Published-15 Jun, 2021 | 14:05
Updated-04 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LaikeTui 3.5.0 allows remote authenticated users to execute arbitrary PHP code by using index.php?module=system&action=pay to upload a ZIP archive containing a .php file, as demonstrated by the ../../../../phpinfo.php pathname.

Action-Not Available
Vendor-laiketuin/a
Product-laiketuin/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-22789
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.04% / 12.78%
||
7 Day CHG~0.00%
Published-12 Jan, 2026 | 21:52
Updated-21 Jan, 2026 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WebErpMesv2 has a File Upload Validation Bypass Leading to RCE

WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, WebErpMesv2 contains a file upload validation bypass vulnerability in multiple controllers that allows authenticated users to upload arbitrary files, including PHP scripts, leading to Remote Code Execution (RCE). This vulnerability is identical in nature to CVE-2025-52130 but exists in different code locations that were not addressed by the original fix. This vulnerability is fixed in 1.19.

Action-Not Available
Vendor-wem-projectSMEWebify
Product-wemWebErpMesv2
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-616
Incomplete Identification of Uploaded File Variables (PHP)
CVE-2021-34076
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.29% / 52.09%
||
7 Day CHG~0.00%
Published-11 May, 2023 | 00:00
Updated-27 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

File Upload vulnerability in PHPOK 5.7.140 allows remote attackers to run arbitrary code and gain escalated privileges via crafted zip file upload.

Action-Not Available
Vendor-phpokn/a
Product-phpokn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-41812
Matching Score-4
Assigner-Pandora FMS
ShareView Details
Matching Score-4
Assigner-Pandora FMS
CVSS Score-5.7||MEDIUM
EPSS-0.04% / 12.11%
||
7 Day CHG~0.00%
Published-23 Nov, 2023 | 14:58
Updated-02 Aug, 2024 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uploading executables via the file manager

Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. This vulnerability allowed PHP executable files to be uploaded through the file manager. This issue affects Pandora FMS: from 700 through 773.

Action-Not Available
Vendor-Pandora FMS S.L.U.
Product-pandora_fmsPandora FMS
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-17490
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.40% / 60.30%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 20:17
Updated-05 Aug, 2024 | 01:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge (aka jnoj) 0.8.0 allows arbitrary file upload, as demonstrated by PHP code (with a .php filename but the image/png content type) to the web/polygon/problem/tests URI.

Action-Not Available
Vendor-jnojn/a
Product-jiangnan_online_judgen/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-34639
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.30%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 20:18
Updated-21 Mar, 2025 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Download Manager <= 3.1.24 Authenticated Arbitrary File Upload

Authenticated File Upload in WordPress Download Manager <= 3.1.24 allows authenticated (Author+) users to upload files with a double extension, e.g. "payload.php.png" which is executable in some configurations. This issue affects: WordPress Download Manager version 3.1.24 and prior versions.

Action-Not Available
Vendor-W3 Eden, Inc.WordPress Download Manager Pro
Product-download_managerWordPress Download Manager
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-646
Reliance on File Name or Extension of Externally-Supplied File
CVE-2026-22799
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.34% / 56.07%
||
7 Day CHG~0.00%
Published-12 Jan, 2026 | 22:05
Updated-21 Jan, 2026 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
emlog Arbitrary File Upload Vulnerability

Emlog is an open source website building system. emlog v2.6.1 and earlier exposes a REST API endpoint (/index.php?rest-api=upload) for media file uploads. The endpoint fails to implement proper validation of file types, extensions, and content, allowing authenticated attackers (with a valid API key or admin session cookie) to upload arbitrary files (including malicious PHP scripts) to the server. An attacker can obtain the API key either by gaining administrator access to enable the REST API setting, or via information disclosure vulnerabilities in the application. Once uploaded, the malicious PHP file can be executed to gain remote code execution (RCE) on the target server, leading to full server compromise.

Action-Not Available
Vendor-emlogemlog
Product-emlogemlog
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-21625
Matching Score-4
Assigner-Joomla! Project
ShareView Details
Matching Score-4
Assigner-Joomla! Project
CVSS Score-4.8||MEDIUM
EPSS-0.02% / 5.01%
||
7 Day CHG-0.03%
Published-16 Jan, 2026 | 15:06
Updated-30 Jan, 2026 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Extension - stackideas.com - Lack of mime type validation in EasyDiscuss component 1.0.0-5.0.15 for Joomla

User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.

Action-Not Available
Vendor-stackideasStackideas.com
Product-easydiscussEasyDiscuss extension for Joomla
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-33698
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-9.9||CRITICAL
EPSS-0.30% / 53.24%
||
7 Day CHG~0.00%
Published-15 Sep, 2021 | 18:01
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files) without the proper file format validation.

Action-Not Available
Vendor-SAP SE
Product-business_oneSAP Business One
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-32630
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.6||CRITICAL
EPSS-0.84% / 74.46%
||
7 Day CHG~0.00%
Published-20 May, 2021 | 16:45
Updated-03 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Various

Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A php web shell can be uploaded via the Documents & Files upload feature. Someone with upload permissions could rename the php shell with a .phar extension, visit the file, triggering the payload for a reverse/bind shell. This can be mitigated by excluding a .phar file extension to be uploaded (like you did with .php .phtml .php5 etc). The vulnerability is patched in version 4.0.4.

Action-Not Available
Vendor-Admidio
Product-admidioadmidio
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-2146
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 3.63%
||
7 Day CHG-0.03%
Published-08 Feb, 2026 | 09:32
Updated-17 Feb, 2026 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
guchengwuyue yshopmall co.yixiang.utils.FileUtil updateAvatar unrestricted upload

A security flaw has been discovered in guchengwuyue yshopmall up to 1.9.1. This affects the function updateAvatar of the file /api/users/updateAvatar of the component co.yixiang.utils.FileUtil. Performing a manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-guchengwuyueguchengwuyue
Product-yshopmallyshopmall
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-39307
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-8.5||HIGH
EPSS-0.66% / 70.63%
||
7 Day CHG~0.00%
Published-26 Mar, 2024 | 20:43
Updated-05 Feb, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Avada theme <= 7.11.1 - Authenticated Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1.

Action-Not Available
Vendor-Avada (ThemeFusion)
Product-avadaAvadaavada
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-1730
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.25% / 47.60%
||
7 Day CHG~0.00%
Published-03 Feb, 2026 | 07:31
Updated-03 Feb, 2026 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS DataHub Maps <= 1.8.3 - Authenticated (Author+) Arbitrary File Upload

The OS DataHub Maps plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'OS_DataHub_Maps_Admin::add_file_and_ext' function in all versions up to, and including, 1.8.3. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-skirridsystems
Product-OS DataHub Maps
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-39548
Matching Score-4
Assigner-NEC Corporation
ShareView Details
Matching Score-4
Assigner-NEC Corporation
CVSS Score-8.8||HIGH
EPSS-0.10% / 27.22%
||
7 Day CHG~0.00%
Published-17 Nov, 2023 | 05:31
Updated-02 Dec, 2024 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.

Action-Not Available
Vendor-NEC Corporation
Product-expresscluster_x_singleserversafeexpresscluster_xCLUSTERPRO X SingleServerSafe (EXPRESSCLUSTER X SingleServerSafe)CLUSTERPRO X (EXPRESSCLUSTER X)
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-9841
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 16.01%
||
7 Day CHG~0.00%
Published-02 Sep, 2025 | 23:32
Updated-23 Oct, 2025 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
code-projects Mobile Shop Management System AddNewProduct.php unrestricted upload

A security vulnerability has been detected in code-projects Mobile Shop Management System 1.0. This affects an unknown function of the file AddNewProduct.php. The manipulation of the argument ProductImage leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-Fabian RosSource Code & Projects
Product-mobile_shop_management_systemMobile Shop Management System
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-1388
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.23% / 45.23%
||
7 Day CHG~0.00%
Published-17 Feb, 2025 | 03:59
Updated-17 Nov, 2025 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Learning Digital Orca HCM - Arbitrary File Upload

Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and run web shells

Action-Not Available
Vendor-learningdigitalLearning Digital
Product-orca_hcmOrca HCM
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-14195
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 15.00%
||
7 Day CHG~0.00%
Published-07 Dec, 2025 | 15:02
Updated-10 Dec, 2025 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
code-projects Employee Profile Management System add_file_query.php unrestricted upload

A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/add_file_query.php. The manipulation of the argument per_file results in unrestricted upload. The attack may be launched remotely. The exploit has been released to the public and may be exploited.

Action-Not Available
Vendor-carmelogarciaSource Code & Projects
Product-employee_profile_management_systemEmployee Profile Management System
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-9112
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.19% / 40.69%
||
7 Day CHG+0.03%
Published-08 Sep, 2025 | 18:23
Updated-09 Sep, 2025 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Doccure <= 1.4.8 - Authenticated (Subscriber+) Arbitrary File Upload

The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'doccure_temp_file_uploader' function in all versions up to, and including, 1.4.8. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-dreamstechnologies
Product-Doccure
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-13238
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 15.00%
||
7 Day CHG~0.00%
Published-16 Nov, 2025 | 05:32
Updated-21 Nov, 2025 | 22:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bdtask Flight Booking Software Edit Profile edit unrestricted upload

A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this vulnerability is an unknown functionality of the file /agent/profile/edit of the component Edit Profile Page. This manipulation causes unrestricted upload. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-bdtaskBdtask
Product-flight_booking_softwareFlight Booking Software
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-12775
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.33% / 55.37%
||
7 Day CHG~0.00%
Published-18 Nov, 2025 | 08:27
Updated-18 Nov, 2025 | 21:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Dropzone <= 1.1.0 - Authenticated (Subscriber+) Arbitrary File Upload

The WP Dropzone plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 1.1.0 via the `ajax_upload_handle` function. This is due to the chunked upload functionality writing files directly to the uploads directory before any file type validation occurs. This makes it possible for authenticated attackers, with subscriber level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-nazsabuz
Product-WP Dropzone
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-9942
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 13.34%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 00:32
Updated-04 Sep, 2025 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CodeAstro Real Estate Management System submitproperty.php unrestricted upload

A vulnerability has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /submitproperty.php. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-CodeAstro
Product-real_estate_management_systemReal Estate Management System
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-13573
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 15.00%
||
7 Day CHG~0.00%
Published-23 Nov, 2025 | 23:32
Updated-02 Dec, 2025 | 03:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
projectworlds can pass malicious payloads add_book.php unrestricted upload

A security flaw has been discovered in projectworlds can pass malicious payloads up to 1.0. This vulnerability affects unknown code of the file /add_book.php. The manipulation of the argument image results in unrestricted upload. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Action-Not Available
Vendor-Projectworlds
Product-advanced_library_management_systemcan pass malicious payloads
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-13156
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.35% / 57.28%
||
7 Day CHG~0.00%
Published-21 Nov, 2025 | 08:28
Updated-21 Nov, 2025 | 15:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vitepos – Point of Sale (POS) for WooCommerce <= 3.3.0 - Authenticated (Subscriber+) Arbitrary File Upload to Remote Code Execution

The Vitepos – Point of Sale (POS) for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the insert_media_attachment() function in all versions up to, and including, 3.3.0. This is due to the save_update_category_img() function accepting user-supplied file types without validation when processing category images. This makes it possible for authenticated attackers, with subscriber level access and above, to upload arbitrary files on the affected site's server which makes remote code execution possible.

Action-Not Available
Vendor-appsbd
Product-Vitepos – Point of Sale (POS) for WooCommerce
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-13062
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.13% / 32.28%
||
7 Day CHG+0.02%
Published-15 Jan, 2026 | 13:23
Updated-16 Jan, 2026 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Supreme Modules Lite <= 2.5.62 - Authenticated (Author+) Arbitrary File Upload via JSON Upload Bypass

The Supreme Modules Lite plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 2.5.62. This is due to insufficient file type validation detecting JSON files, allowing double extension files to bypass sanitization while being accepted as a valid JSON file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-divisupreme
Product-Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-3164
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-20.78% / 95.48%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 05:45
Updated-03 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file via a POST request to resources.php.

Action-Not Available
Vendor-churchdeskn/a
Product-churchrotan/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-12846
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.15% / 35.37%
||
7 Day CHG~0.00%
Published-11 Nov, 2025 | 11:03
Updated-14 Nov, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Blocksy Companion <= 2.1.19 - Authenticated (Author+) Arbitrary File Upload via SVG Upload Bypass

The Blocksy Companion plugin for WordPress is vulnerable to authenticated arbitrary file upload in all versions up to, and including, 2.1.19. This is due to insufficient file type validation detecting SVG files, allowing double extension files to bypass sanitization while being accepted as a valid SVG file. This makes it possible for authenticated attackers, with author level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-creativethemeshq
Product-Blocksy Companion
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2017-9380
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.88% / 74.98%
||
7 Day CHG~0.00%
Published-02 Jun, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenEMR 5.0.0 and prior allows low-privilege users to upload files of dangerous types which can result in arbitrary code execution within the context of the vulnerable application.

Action-Not Available
Vendor-n/aOpenEMR Foundation, Inc
Product-openemrn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-3796
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.3||MEDIUM
EPSS-0.06% / 18.80%
||
7 Day CHG~0.00%
Published-20 Jul, 2023 | 21:00
Updated-02 Aug, 2024 | 07:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bug Finder Foody Friend Profile Picture profile unrestricted upload

A vulnerability, which was classified as problematic, has been found in Bug Finder Foody Friend 1.0. Affected by this issue is some unknown functionality of the file /user/profile of the component Profile Picture Handler. The manipulation of the argument profile_picture leads to unrestricted upload. The attack may be launched remotely. The identifier of this vulnerability is VDB-235064. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-bugfinderBug Finder
Product-foody_friendFoody Friend
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-3797
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.74%
||
7 Day CHG~0.00%
Published-20 Jul, 2023 | 21:31
Updated-22 Nov, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System UploadFloodPlanFileUpdate.ashx unrestricted upload

A vulnerability, which was classified as critical, was found in Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712. This affects an unknown part of the file /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx. The manipulation of the argument Filedata leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier VDB-235065 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-istrongGen Technology
Product-four_mountain_torrent_disaster_prevention\,_control_monitoring_and_early_warning_systemFour Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-13066
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.15% / 35.37%
||
7 Day CHG~0.00%
Published-05 Dec, 2025 | 03:28
Updated-08 Dec, 2025 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Demo Importer Plus <= 2.0.6 - Authenticated (Author+) Arbitrary File Upload via WXR Upload Bypass

The Demo Importer Plus plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 2.0.6. This is due to insufficient file type validation detecting WXR files, allowing double extension files to bypass sanitization while being accepted as a valid WXR file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-kraftplugins
Product-Demo Importer Plus
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-29907
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-0.56% / 67.87%
||
7 Day CHG~0.00%
Published-31 Aug, 2021 | 16:05
Updated-16 Sep, 2024 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. IBM X-Force ID: 207633.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowslinux_kernelopenpages_with_watsonOpenPages with Watson
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-13094
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.35% / 57.28%
||
7 Day CHG+0.05%
Published-13 Dec, 2025 | 04:31
Updated-15 Dec, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP3D Model Import Viewer <= 1.0.7 - Authenticated (Contributor+) Arbitrary File Upload

The WP3D Model Import Viewer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_import_file() function in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-wp3d
Product-WP3D Model Import Viewer
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-13061
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 15.00%
||
7 Day CHG~0.00%
Published-12 Nov, 2025 | 20:32
Updated-17 Nov, 2025 | 12:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
itsourcecode Online Voting System index.php unrestricted upload

A vulnerability was detected in itsourcecode Online Voting System 1.0. This impacts an unknown function of the file /index.php?page=manage_voting. Performing manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The exploit is now public and may be used.

Action-Not Available
Vendor-ITSourceCodeAngel Jude Reyes Suarez
Product-online_voting_systemOnline Voting System
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-9153
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 13.83%
||
7 Day CHG~0.00%
Published-19 Aug, 2025 | 18:32
Updated-21 Aug, 2025 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
itsourcecode Online Tour and Travel Management System travellers.php unrestricted upload

A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used.

Action-Not Available
Vendor-ITSourceCodemayuri_k
Product-online_tour_\&_travel_management_systemOnline Tour and Travel Management System
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2023-37502
Matching Score-4
Assigner-HCL Software
ShareView Details
Matching Score-4
Assigner-HCL Software
CVSS Score-9||CRITICAL
EPSS-0.09% / 25.45%
||
7 Day CHG~0.00%
Published-18 Oct, 2023 | 22:51
Updated-13 Sep, 2024 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
An unrestricted file upload vulnerability affects HCL Compass

HCL Compass is vulnerable to lack of file upload security.  An attacker could upload files containing active code that can be executed by the server or by a user's web browser.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-hcl_compassHCL Compasshcl_compass
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-12957
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.04% / 13.88%
||
7 Day CHG-0.07%
Published-16 Jan, 2026 | 04:44
Updated-16 Jan, 2026 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
All-in-One Video Gallery <= 4.5.7 - Authenticated (Author+) Arbitrary File Upload via VTT Upload Bypass

The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 4.5.7. This is due to insufficient file type validation detecting VTT files, allowing double extension files to bypass sanitization while being accepted as a valid VTT file. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-plugins360
Product-All-in-One Video Gallery
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2019-16066
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.40% / 60.25%
||
7 Day CHG~0.00%
Published-19 Mar, 2020 | 17:56
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unrestricted file upload vulnerability exists in user and system file upload functions in NETSAS Enigma NMS 65.0.0 and prior. This allows an attacker to upload malicious files and perform arbitrary code execution on the system.

Action-Not Available
Vendor-netsasn/a
Product-enigma_network_management_solutionn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-7939
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 17.08%
||
7 Day CHG~0.00%
Published-21 Jul, 2025 | 20:32
Updated-06 Nov, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
jerryshensjf JPACookieShop 蛋糕商城JPA版 GoodsController.java addGoods unrestricted upload

A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0. It has been classified as critical. Affected is the function addGoods of the file GoodsController.java. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely.

Action-Not Available
Vendor-jerryshensjfjerryshensjf
Product-jpacookieshopJPACookieShop 蛋糕商城JPA版
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-12966
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.35% / 57.28%
||
7 Day CHG~0.00%
Published-06 Dec, 2025 | 09:25
Updated-08 Dec, 2025 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
All-in-One Video Gallery 4.5.4 - 4.5.7 – Authenticated (Author+) Arbitrary File Upload via Import ZIP

The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the resolve_import_directory() function in versions 4.5.4 to 4.5.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-plugins360
Product-All-in-One Video Gallery
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-28931
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.42% / 61.68%
||
7 Day CHG~0.00%
Published-07 Jul, 2021 | 14:01
Updated-03 Aug, 2024 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel.

Action-Not Available
Vendor-fork-cmsn/a
Product-fork_cmsn/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-8323
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-8.7||HIGH
EPSS-0.21% / 43.48%
||
7 Day CHG~0.00%
Published-30 Jul, 2025 | 02:54
Updated-31 Jul, 2025 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ventem|e-School - Arbitrary File Upload

The e-School from Ventem has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

Action-Not Available
Vendor-Ventem
Product-e-School
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-12968
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.35% / 57.28%
||
7 Day CHG+0.05%
Published-12 Dec, 2025 | 03:20
Updated-15 Dec, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Infility Global <= 2.14.23 - Authenticated (Subscriber+) Arbitrary File Upload

The Infility Global plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and capability checks in all versions up to, and including, 2.14.23. This is due to the `upload_file` function in the `infility_import_file` class only validating the MIME type which can be easily spoofed, and the `import_data` function missing capability checks. This makes it possible for authenticated attackers, with subscriber level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-infility
Product-Infility Global
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-13689
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-0.03% / 10.50%
||
7 Day CHG~0.00%
Published-17 Feb, 2026 | 22:26
Updated-19 Feb, 2026 | 04:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads.

Action-Not Available
Vendor-IBM Corporation
Product-DataStage on Cloud Pak
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-13543
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.11% / 29.05%
||
7 Day CHG~0.00%
Published-04 Dec, 2025 | 20:27
Updated-09 Dec, 2025 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PostGallery <= 1.12.5 - Authenticated (Subscriber+) Arbitrary File Upload

The PostGallery plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'PostGalleryUploader' class functions in all versions up to, and including, 1.12.5. This makes it possible for authenticated attackers, with subscriber-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-rtowebsites
Product-PostGallery
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-29092
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-8.8||HIGH
EPSS-1.20% / 78.65%
||
7 Day CHG~0.00%
Published-01 Jun, 2021 | 09:45
Updated-16 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unrestricted upload of file with dangerous type vulnerability in file management component in Synology Photo Station before 6.8.14-3500 allows remote authenticated users to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-Synology, Inc.
Product-photo_stationSynology Photo Station
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2025-8965
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-14 Aug, 2025 | 15:32
Updated-11 Sep, 2025 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
linlinjava litemall Endpoint AdminStorageController.java create unrestricted upload

A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-linlinjavalinlinjava
Product-litemalllitemall
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 16
  • 17
  • Next
Details not found