CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,083 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 71 of 82
- CVE-2025-52353CRITICALCVSS 9.8EG 9.82025-08-26
An arbitrary code execution vulnerability in Badaso CMS 2.9.11. The Media Manager allows authenticated users to upload files containing embedded PHP code via the file-upload endpoint, bypassing content-type validation. When such a file is …
- CVE-2025-5243CRITICALCVSS 10.0EG 10.02025-07-24
Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SMG Software Information Portal allows Code Injection, Upload a Web Shell to a Web…
- CVE-2025-52449HIGHCVSS 8.5EG 8.52025-07-25
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Extensible Protocol Service modules) allows Alternative Execution Due to Deceptive Filenames (RCE). This issue affects Tableau Se…
- CVE-2025-52546MEDIUMCVSS 6.1EG 6.12025-09-02
E3 Site Supervisor Control (firmware version < 2.31F01) has a floor plan feature that allows for an unauthenticated attacker to upload floor plan files. By uploading a specially crafted floor plan file, an attacker can inject a stored XSS …
- CVE-2025-52691CRITICALCVSS 10.0EG 10.0⚠ KEV2025-12-29
Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.
- CVE-2025-52758CRITICALCVSS 9.1EG 9.12025-10-22
Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy zippy allows Using Malicious Files.This issue affects Zippy: from n/a through <= 1.7.0.
- CVE-2025-5299HIGHCVSS 7.3EG 7.32025-05-28
A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /user_order_customer_update.php. The manipulation of the argument uplo…
- CVE-2025-53119HIGHCVSS 7.5EG 7.52025-08-25
An unauthenticated unrestricted file upload vulnerability allows an attacker to upload malicious binaries and scripts to the server.
- CVE-2025-53213CRITICALCVSS 9.9EG 9.92025-08-20
Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ReachShip WooCommerce Multi-Carrier & Conditional Shipping elex-reachship-multi-carrier-conditional-shipping allows Using Malicious Files.This issue affects Reac…
- CVE-2025-5322HIGHCVSS 7.2EG 7.22025-07-03
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the do_updatecar and createcar functions in all versions up to, and including, 1.4.3. This make…
- CVE-2025-53251CRITICALCVSS 9.9EG 9.92025-08-21
Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP pin-wp allows Upload a Web Shell to a Web Server.This issue affects Pin WP: from n/a through < 7.2.
- CVE-2025-53260CRITICALCVSS 9.1EG 9.12025-06-27
Unrestricted Upload of File with Dangerous Type vulnerability in getredhawkstudio File Manager Plugin For Wordpress file-manager-plugin-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects File Manager Plugin For Word…
- CVE-2025-53283CRITICALCVSS 10.0EG 10.02025-11-06
Unrestricted Upload of File with Dangerous Type vulnerability in borisolhor Drop Uploader for CF7 - Drag&Drop File Uploader Addon drop-uploader-for-contact-form-7-dragdrop-file-uploader-addon allows Upload a Web Shell to a Web Server.This …
- CVE-2025-53891MEDIUMCVSS 4.3EG 4.32025-07-15
The timelineofficial/Time-Line- repository contains the source code for the TIME LINE website. A vulnerability was found in the TIME LINE website where uploaded files (instruction/message media) are not strictly validated for type and size…
- CVE-2025-5395HIGHCVSS 8.8EG 8.82025-06-11
The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'core.php' file in all versions up to, and including, 3.115.0. This makes it possible for authentic…
- CVE-2025-53970CRITICALCVSS 9.8EG 9.82025-08-28
SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges.
- CVE-2025-5406HIGHCVSS 8.8EG 6.32025-06-01
A vulnerability, which was classified as critical, was found in chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513. Affected is an unknown function of the file /admin/posts.php?source=add_post. The manipulation of the ar…
- CVE-2025-54071CRITICALCVSS 9.4EG 9.42025-07-21
RomM (ROM Manager) allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. In versions 4.0.0-beta.3 and below, an authenticated arbitrary file write vulnerability exists in the /api/saves…
- CVE-2025-54082HIGHCVSS 8.1EG 8.12025-07-21
marshmallow-packages/nova-tiptap is a rich text editor for Laravel Nova based on tiptap. Prior to 5.7.0, a vulnerability was discovered in the marshmallow-packages/nova-tiptap Laravel Nova package that allows unauthenticated users to uploa…
- CVE-2025-54439HIGHCVSS 8.8EG 8.82025-07-23
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
- CVE-2025-54440CRITICALCVSS 9.8EG 9.82025-07-23
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
- CVE-2025-54441HIGHCVSS 8.8EG 8.82025-07-23
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
- CVE-2025-54442CRITICALCVSS 9.8EG 9.82025-07-23
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
- CVE-2025-54444CRITICALCVSS 9.8EG 9.82025-07-23
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
- CVE-2025-54447HIGHCVSS 8.1EG 8.12025-07-23
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
- CVE-2025-54448CRITICALCVSS 9.8EG 9.82025-07-23
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
- CVE-2025-54449CRITICALCVSS 9.8EG 9.82025-07-23
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
- CVE-2025-54460HIGHCVSS 7.1EG 7.12025-08-21
The vulnerability, if exploited, could allow an authenticated miscreant (with privileges to create or access publication targets of type Text File or HDFS) to upload and persist files that could potentially be executed.
- CVE-2025-54473CRITICALCVSS 9.2EG 9.22025-08-15
An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.
- CVE-2025-54677CRITICALCVSS 9.1EG 9.12025-08-20
Unrestricted Upload of File with Dangerous Type vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Using Malicious Files.This issue affects Online Booking & Scheduling Calen…
- CVE-2025-54693CRITICALCVSS 9.0EG 9.02025-08-14
Unrestricted Upload of File with Dangerous Type vulnerability in epiphyt Form Block form-block allows Upload a Web Shell to a Web Server.This issue affects Form Block: from n/a through <= 1.5.5.
- CVE-2025-54757MEDIUMCVSS 6.5EG 6.52025-07-31
Multiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded by a product user, an arbitrary script may be executed on the browser.
- CVE-2025-54762CRITICALCVSS 9.8EG 9.82025-08-28
SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges.
- CVE-2025-54769HIGHCVSS 8.8EG 8.82025-07-29
An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve r…
- CVE-2025-54944CRITICALCVSS 9.8EG 9.82025-08-30
An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which may lead to arbitrary code execution.
- CVE-2025-54962MEDIUMCVSS 6.4EG 6.42025-08-04
/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows authenticated users to upload arbitrary files (such as .html or .svg), and these are then publicly accessible under the /static URI.
- CVE-2025-55061HIGHCVSS 8.8EG 8.82025-12-29
CWE-434 Unrestricted Upload of File with Dangerous Type
- CVE-2025-55135MEDIUMCVSS 6.4EG 6.42025-08-07
In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats other than PNG, JPEG, and WEBP are permitted by server/routes/userRoutes.js; this includes SVG.
- CVE-2025-55251LOWCVSS 3.1EG 3.12026-01-19
HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise.
- CVE-2025-55383HIGHCVSS 8.6EG 8.62025-08-21
Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server.
- CVE-2025-55454HIGHCVSS 8.8EG 8.82025-08-22
An authenticated arbitrary file upload vulnerability in the component /msg/sendfiles of DooTask v1.0.51 allows attackers to execute arbitrary code via uploading a crafted file.
- CVE-2025-55455LOWCVSS 3.5EG 3.52025-08-22
DooTask v1.0.51 was dicovered to contain an authenticated arbitrary download vulnerability via the component /msg/sendtext.
- CVE-2025-55743HIGHCVSS 8.8EG 8.82025-08-21
UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request…
- CVE-2025-55746CRITICALCVSS 9.3EG 9.32025-08-20
Directus is a real-time API and App dashboard for managing SQL database content. From 10.8.0 to before 11.9.3, a vulnerability exists in the file update mechanism which allows an unauthenticated actor to modify existing files with arbitrar…
- CVE-2025-55810MEDIUMCVSS 6.8EG 6.82025-11-13
A vulnerability was found in Alaga Home Security WiFi Camera 3K (model S-CW2503C-H) with hardware version V03 and firmware version 1.4.2, which allows physical attackers to execute commands as root via script file with a specific name on a…
- CVE-2025-55835CRITICALCVSS 9.8EG 9.82025-09-12
File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code via the lack of filtering.
- CVE-2025-55912HIGHCVSS 7.3EG 7.32025-09-18
An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photo_uploader.php to upload arbitrary files without any authentication, due to missing access controls in the upload h…
- CVE-2025-56218CRITICALCVSS 9.8EG 9.82025-10-17
An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file.
- CVE-2025-56263HIGHCVSS 8.8EG 8.82025-09-16
by-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api/sms/upload/headImg endpoint allows uploading arbitrary files. Users can upload files of any size and type.
- CVE-2025-56265HIGHCVSS 8.8EG 8.82025-09-08
An arbitrary file upload vulnerability in the Chat Trigger component of N8N v1.95.3, v1.100.1, and v1.101.1 allows attackers to execute arbitrary code via uploading a crafted HTML file.
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →