CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,083 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 72 of 82
- CVE-2025-56295HIGHCVSS 7.3EG 7.32025-09-16
code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web shell connection tools to obtain server p…
- CVE-2025-56515HIGHCVSS 8.8EG 8.82025-10-01
File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing iframe tag…
- CVE-2025-56704HIGHCVSS 8.8EG 8.82025-12-09
LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authenticated attacker can exploit this vulnerability by uploading a specially crafted ZIP/PHP…
- CVE-2025-57148CRITICALCVSS 9.1EG 9.12025-09-03
phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.
- CVE-2025-57176MEDIUMCVSS 6.5EG 4.32025-09-15
On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload pack…
- CVE-2025-5728HIGHCVSS 8.8EG 6.32025-06-06
A vulnerability classified as critical was found in SourceCodester Open Source Clinic Management System 1.0. This vulnerability affects unknown code of the file /manage_website.php. The manipulation of the argument website_image leads to u…
- CVE-2025-5746CRITICALCVSS 9.8EG 9.82025-07-02
The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dnd_upload_cf7_upload_chunks() function in version 5.0 - 5.0.5 (when bundled…
- CVE-2025-57460CRITICALCVSS 9.8EG 9.82025-12-29
File upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell.
- CVE-2025-57642HIGHCVSS 7.2EG 7.22025-09-10
A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP shell scripts on the server, leading to remote code execution and unauthorized access to the system. This can result in th…
- CVE-2025-57794CRITICALCVSS 9.1EG 9.12026-01-28
Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload vulnerability in the administrative interface. The application does not adequately restrict uploaded file types, allowing malicious files to be uplo…
- CVE-2025-57795CRITICALCVSS 9.9EG 9.92026-01-28
Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service component. In default configurations, this flaw can be leveraged to achieve remote code execution.
- CVE-2025-58048CRITICALCVSS 9.9EG 9.92025-08-28
Paymenter is a free and open-source webshop solution for hostings. Prior to version 1.2.11, the ticket attachments functionality in Paymenter allows a malicious authenticated user to upload arbitrary files. This could result in sensitive d…
- CVE-2025-58159CRITICALCVSS 9.9EG 9.92025-08-29
WeGIA is a Web manager for charitable institutions. Prior to version 3.4.11, a remote code execution vulnerability was identified, caused by improper validation of uploaded files. The application allows an attacker to upload files with arb…
- CVE-2025-5831HIGHCVSS 8.8EG 8.82025-07-25
The Droip plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the make_google_font_offline() function in all versions up to, and excluding, 2.5.2. This makes it possible for authenticated att…
- CVE-2025-5840HIGHCVSS 7.3EG 7.32025-06-07
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_update_customer_order.php. The manipulation of the argument uploaded_file …
- CVE-2025-5873MEDIUMCVSS 6.3EG 6.32025-06-09
A vulnerability was detected in eCharge Hardy Barth Salia PLCC up to 2.3.81. Affected by this issue is some unknown functionality of the file /firmware.php of the component Web UI. Performing a manipulation of the argument media results in…
- CVE-2025-58745CRITICALCVSS 9.9EG 9.92025-09-08
WeGIA is a Web manager for charitable institutions. The fix for CVE-2025-22133 was not enough to remediate the arbitrary file upload vulnerability. The WeGIA only check MIME types for Excel files at endpoint `/html/socio/sistema/controller…
- CVE-2025-58819CRITICALCVSS 9.1EG 9.12025-09-05
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image bulk-featured-image allows Upload a Web Shell to a Web Server.This issue affects Bulk Featured Image: from n/a through <= 1.2.4.
- CVE-2025-58963CRITICALCVSS 10.0EG 9.82025-10-22
Unrestricted Upload of File with Dangerous Type vulnerability in 7oroof Medcity medcity allows Upload a Web Shell to a Web Server.This issue affects Medcity: from n/a through < 1.1.9.
- CVE-2025-58996CRITICALCVSS 9.1EG 9.12025-11-06
Unrestricted Upload of File with Dangerous Type vulnerability in Helmut Wandl Advanced Settings advanced-settings allows Upload a Web Shell to a Web Server.This issue affects Advanced Settings: from n/a through <= 3.1.1.
- CVE-2025-59118HIGHCVSS 7.3EG 7.32025-11-12
Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.03. Users are recommended to upgrade to version 24.09.03, which fixes the issue.
- CVE-2025-59524MEDIUMCVSS 6.1EG 6.12025-09-24
Horilla is a free and open source Human Resource Management System (HRMS). Prior to version 1.4.0, the file upload flow performs validation only in the browser and does not enforce server-side checks. An attacker can bypass the client-side…
- CVE-2025-59525MEDIUMCVSS 6.1EG 6.12025-09-24
Horilla is a free and open source Human Resource Management System (HRMS). Prior to version 1.4.0, improper sanitization across the application allows XSS via uploaded SVG (and via allowed <embed>), which can be chained to execute JavaScri…
- CVE-2025-5961HIGHCVSS 7.2EG 7.22025-07-03
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvivid_upload_import_files' function in all versions up to, and includi…
- CVE-2025-59710HIGHCVSS 8.8EG 8.82026-04-03
An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the ser…
- CVE-2025-59835HIGHCVSS 8.6EG 8.62025-10-02
LangBot is a global IM bot platform designed for LLMs. In versions 4.1.0 up to but not including 4.3.5, authorized attackers can exploit the /api/v1/files/documents interface to perform arbitrary file uploads. Since this interface does not…
- CVE-2025-59872CRITICALCVSS 9.8EG 4.32026-06-17
HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability, If the server is configured to execute code, then it may be possible to obtain command execution on the server by uploading a file known as a web shell, which allows…
- CVE-2025-6002HIGHCVSS 7.2EG 7.22025-06-11
An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart backend. Authenticated attackers can upload files with arbitrary extensions, including executable or malicious files, potentially leading to re…
- CVE-2025-60187MEDIUMCVSS 4.8EG 4.82025-11-06
Unrestricted Upload of File with Dangerous Type vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Using Malicious Files.This issue affects Atarim: from n/a through <= 4.2.1.
- CVE-2025-60207CRITICALCVSS 10.0EG 10.02025-11-06
Unrestricted Upload of File with Dangerous Type vulnerability in Addify Custom User Registration Fields for WooCommerce user-registration-plugin-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Custom User Regis…
- CVE-2025-60218CRITICALCVSS 9.9EG 9.92026-06-17
Subscriber Arbitrary File Upload in PT Luxa Addons <= 1.2.2 versions.
- CVE-2025-60219CRITICALCVSS 10.0EG 10.02025-09-26
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro wc-designer-pro allows Upload a Web Shell to a Web Server.This issue affects WooCommerce Designer Pro: from n/a through <= 1.9.24.
- CVE-2025-60235CRITICALCVSS 10.0EG 10.02025-11-06
Unrestricted Upload of File with Dangerous Type vulnerability in Plugify Support Ticket System for WooCommerce (Premium) support-ticket-system-for-woocommerce allows Using Malicious Files.This issue affects Support Ticket System for WooCom…
- CVE-2025-60500HIGHCVSS 7.2EG 7.22025-10-21
QDocs Smart School Management System 7.1 allows authenticated users with roles such as "accountant" or "admin" to bypass file type restrictions in the media upload feature by abusing the alternate YouTube URL option. This logic flaw permit…
- CVE-2025-6057HIGHCVSS 8.8EG 8.82025-07-12
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_image_upload() function in all versions up to, and including, 1.0.4. This makes it possible for authenticated attac…
- CVE-2025-6058CRITICALCVSS 9.8EG 9.82025-07-12
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image_upload_handle() function hooked via the 'add_booking_type' route in all versions up to, and including, 1.0.4. This m…
- CVE-2025-60731HIGHCVSS 7.6EG 7.62025-10-24
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function
- CVE-2025-60735HIGHCVSS 7.6EG 7.62025-10-24
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function
- CVE-2025-6079HIGHCVSS 8.8EG 8.82025-08-16
The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for a…
- CVE-2025-6085HIGHCVSS 7.2EG 7.22025-09-04
The Make Connector plugin for WordPress is vulnerable to arbitrary file uploads due to misconfigured file type validation in the 'upload_media' function in all versions up to, and including, 1.5.10. This makes it possible for authenticated…
- CVE-2025-6086HIGHCVSS 7.2EG 7.22025-06-18
The CSV Me plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'csv_me_options_page' function in all versions up to, and including, 2.0. This makes it possible for authenticated atta…
- CVE-2025-61181MEDIUMCVSS 6.5EG 6.52025-10-21
daicuocms V1.3.13 contains an arbitrary file upload vulnerability in the image upload feature.
- CVE-2025-61417HIGHCVSS 8.8EG 8.82025-10-20
Cross-Site Scripting (XSS) vulnerability exists in TastyIgniter 3.7.7, affecting the /admin/media_manager component. Attackers can upload a malicious SVG file containing JavaScript code. When an administrator previews the file, the code ex…
- CVE-2025-61506CRITICALCVSS 9.8EG 9.82026-02-03
An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint.
- CVE-2025-6161CRITICALCVSS 9.8EG 7.32025-06-17
A vulnerability, which was classified as critical, was found in SourceCodester Simple Food Ordering System 1.0. Affected is an unknown function of the file /editproduct.php. The manipulation of the argument photo leads to unrestricted uplo…
- CVE-2025-61678HIGHCVSS 8.6EG 8.62025-10-14
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains an authenticated arbitr…
- CVE-2025-61681MEDIUMCVSS 5.4EG 5.42025-10-03
KUNO CMS is a fully deployable full-stack blog application. Versions 1.3.13 and below contain validation flaws in its file upload functionality that can be exploited for stored XSS. The upload endpoint only validates file types based on Co…
- CVE-2025-61687HIGHCVSS 8.8EG 8.32025-10-06
Flowise is a drag & drop user interface to build a customized large language model flow. A file upload vulnerability in version 3.0.7 of FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables…
- CVE-2025-61768MEDIUMCVSS 5.1EG 5.12025-10-06
KUNO CMS is a fully deployable full-stack blog application. In versions prior to 1.3.15, an SSRF (Server-Side Request Forgery) vulnerability exists in the Media module of the Kuno CMS administrative panel. A logged-in administrator can upl…
- CVE-2025-61808CRITICALCVSS 9.1EG 9.12025-12-10
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could lead to arbitrary code execution by a high priviledged attacker. Exploitation of this issu…
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →