CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,083 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 78 of 82
- CVE-2026-2097HIGHCVSS 8.8EG 8.82026-02-10
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
- CVE-2026-2113HIGHCVSS 7.3EG 7.32026-02-07
A security vulnerability has been detected in yuan1994 tpadmin up to 1.3.12. This affects an unknown part in the library /public/static/admin/lib/webuploader/0.1.5/server/preview.php of the component WebUploader. The manipulation leads to …
- CVE-2026-2133HIGHCVSS 7.3EG 7.32026-02-08
A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtimage causes unrestricted upload. The attac…
- CVE-2026-2146MEDIUMCVSS 6.3EG 6.32026-02-08
A security flaw has been discovered in guchengwuyue yshopmall up to 1.9.1. This affects the function updateAvatar of the file /api/users/updateAvatar of the component co.yixiang.utils.FileUtil. Performing a manipulation of the argument Fil…
- CVE-2026-21536CRITICALCVSS 9.8EG 9.82026-03-05
Microsoft Devices Pricing Program Remote Code Execution Vulnerability
- CVE-2026-21625HIGHCVSS 8.8EG 8.82026-01-16
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.
- CVE-2026-2164HIGHCVSS 7.3EG 7.32026-02-08
A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some unknown processing of the file /seller/assets/backend/profile/addadhar.php. Performing a manipulation of the argument File results in unrestricted…
- CVE-2026-2183MEDIUMCVSS 6.3EG 6.32026-02-08
A security vulnerability has been detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This affects an unknown part of the file /restructured/csv.php. The manipulation leads to unrestri…
- CVE-2026-21877CRITICALCVSS 9.9EG 9.92026-01-08
n8n is an open source workflow automation platform. In versions 0.121.2 and below, an authenticated attacker may be able to execute malicious code using the n8n service. This could result in full compromise and can impact both self-hosted …
- CVE-2026-2213MEDIUMCVSS 4.7EG 4.72026-02-09
A security flaw has been discovered in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminAddAlbum.php. The manipulation of the argument txtimage results in unrestr…
- CVE-2026-22241HIGHCVSS 7.2EG 7.22026-01-08
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an arbitrary file upload vulnerability in the theme import functionality enables an attacker with administrative privil…
- CVE-2026-2226MEDIUMCVSS 4.7EG 4.72026-02-09
A vulnerability has been found in DouPHP up to 1.9. This issue affects some unknown processing of the file /admin/file.php of the component ZIP File Handler. Such manipulation of the argument sql_filename leads to unrestricted upload. The …
- CVE-2026-22327CRITICALCVSS 9.9EG 9.92026-06-17
Subscriber Arbitrary File Upload in Restaurt <= 1.0.4 versions.
- CVE-2026-2269HIGHCVSS 7.2EG 7.22026-03-03
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the download_url() function. Thi…
- CVE-2026-22707MEDIUMCVSS 5.4EG 5.42026-05-14
Strapi is an open source headless content management system. In Strapi versions prior to 5.33.3, the Upload plugin's Content API endpoints did not enforce the administrator-configured MIME type restrictions (`plugin.upload.security.allowed…
- CVE-2026-22783CRITICALCVSS 9.6EG 9.62026-01-12
Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to 2.4.24, the DFIR-IRIS datastore file management system has a vulnerability where mass assignment of the file_local_…
- CVE-2026-22786HIGHCVSS 7.2EG 7.22026-01-12
Gin-vue-admin is a backstage management system based on vue and gin. Gin-vue-admin <= v2.8.7 has a path traversal vulnerability in the breakpoint resume upload functionality. Attacker can upload any files on any directory. In the breakpoin…
- CVE-2026-22789MEDIUMCVSS 5.4EG 5.42026-01-12
WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, WebErpMesv2 contains a file upload validation bypass vulnerability in multiple controllers that allows authenticated users to upload a…
- CVE-2026-22799HIGHCVSS 8.8EG 8.82026-01-12
Emlog is an open source website building system. emlog v2.6.1 and earlier exposes a REST API endpoint (/index.php?rest-api=upload) for media file uploads. The endpoint fails to implement proper validation of file types, extensions, and con…
- CVE-2026-23499MEDIUMCVSS 5.4EG 5.42026-01-21
Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing…
- CVE-2026-2354HIGHCVSS 8.8EG 8.82026-07-11
The Swiss Toolkit For WP plugin for WordPress is vulnerable to arbitrary file upload due to a flawed file type validation bypass in the `upload_extension_files()` function in all versions up to, and including, 1.4.6. The `upload_extension_…
- CVE-2026-23697HIGHCVSS 8.8EG 8.82026-07-07
Vtiger CRM before 8.4.0 contains an authenticated file upload vulnerability that allows low-privileged users to achieve remote code execution by uploading a .phar file containing arbitrary PHP code through the Documents module, bypassing t…
- CVE-2026-23698HIGHCVSS 7.2EG 7.22026-07-07
Vtiger CRM through 8.4.0 contains an authenticated remote code execution vulnerability in the admin module import feature that allows administrator-level attackers to upload arbitrary PHP files by submitting a crafted zip archive through t…
- CVE-2026-23704MEDIUMCVSS 6.5EG 6.52026-02-04
A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are En…
- CVE-2026-23802CRITICALCVSS 9.1EG 9.12026-03-05
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files.This issue affects AI Engine: from n/a through <= 3.3.2.
- CVE-2026-24010HIGHCVSS 8.0EG 8.02026-01-22
Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versions prior to 1.5.0, with Social Engineering, allows authenticated users to deploy phishing attacks. By uploading a mali…
- CVE-2026-24014CRITICALCVSS 9.8EG 9.82026-07-06
Apache IoTDB DataNode’s internal RPC interface for creating Trigger instances uses the uploaded Trigger JAR name to build a file path without sufficient validation. If the internal DataNode RPC port is exposed to an untrusted network, an…
- CVE-2026-24034MEDIUMCVSS 5.4EG 5.42026-01-22
Horilla is a free and open source Human Resource Management System (HRMS). In versions prior to 1.5.0, a cross-site scripting vulnerability can be triggered because the extension and content-type are not checked during the profile photo up…
- CVE-2026-24673MEDIUMCVSS 4.3EG 4.32026-02-03
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, a file upload validation bypass vulnerability allows attackers to upload files with prohibited extensions by embedding …
- CVE-2026-24729CRITICALCVSS 10.0EG 10.02026-01-30
An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file.
- CVE-2026-24769CRITICALCVSS 9.0EG 9.02026-01-28
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, a stored cross-site scripting (XSS) vulnerability exists in NocoDB’s attachment handling mechanism. Authenticated users can upload malicious SVG files c…
- CVE-2026-24815CRITICALCVSS 10.0EG 10.02026-01-27
Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFi…
- CVE-2026-24897CRITICALCVSS 10.0EG 10.02026-01-28
Erugo is a self-hosted file-sharing platform. In versions up to and including 0.2.14, an authenticated low-privileged user can upload arbitrary files to any specified location due to insufficient validation of user‑supplied paths when cr…
- CVE-2026-24960CRITICALCVSS 9.9EG 9.92026-03-05
Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Charety charety allows Using Malicious Files.This issue affects Charety: from n/a through < 2.0.2.
- CVE-2026-25056HIGHCVSS 8.8EG 8.82026-02-04
n8n is an open source workflow automation platform. Prior to versions 1.118.0 and 2.4.0, a vulnerability in the Merge node's SQL Query mode allowed authenticated users with permission to create or modify workflows to write arbitrary files …
- CVE-2026-25200CRITICALCVSS 9.8EG 9.82026-02-02
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover This issue affects MagicINFO 9 Server: less than 21.1090.1.
- CVE-2026-25201HIGHCVSS 8.8EG 8.82026-02-02
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1.
- CVE-2026-25413CRITICALCVSS 9.9EG 9.92026-03-25
Unrestricted Upload of File with Dangerous Type vulnerability in iqonicdesign WPBookit Pro wpbookit-pro allows Using Malicious Files.This issue affects WPBookit Pro: from n/a through <= 1.6.18.
- CVE-2026-25446CRITICALCVSS 9.9EG 9.92026-06-17
Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions.
- CVE-2026-2550CRITICALCVSS 9.8EG 9.82026-02-16
A vulnerability was found in EFM iptime A6004MX 14.18.2. Affected is the function commit_vpncli_file_upload of the file /cgi/timepro.cgi. The manipulation results in unrestricted upload. The attack may be performed from remote. The exploit…
- CVE-2026-25510CRITICALCVSS 9.9EG 9.92026-02-03
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote …
- CVE-2026-25923CRITICALCVSS 9.1EG 9.12026-02-09
my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a mali…
- CVE-2026-2684HIGHCVSS 7.3EG 7.32026-02-19
A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). The impacted element is an unknown function of the file /Archive/ErecordManage/uploadFile.html. Executing a manipulation of the argumen…
- CVE-2026-2701CRITICALCVSS 9.1EG 9.12026-04-02
Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.
- CVE-2026-27041CRITICALCVSS 9.9EG 9.92026-06-17
Contributor Arbitrary File Upload in Unlimited Elements for Elementor (Premium) <= 2.0.6 versions.
- CVE-2026-27043HIGHCVSS 7.2EG 7.22026-03-19
Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGoods Photography allows Path Traversal.This issue affects Photography: from n/a before 7.7.6.
- CVE-2026-27067CRITICALCVSS 9.1EG 9.12026-03-19
Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor mobile-app-editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through <= 1.3.1.
- CVE-2026-27419CRITICALCVSS 9.9EG 9.92026-07-02
Subscriber Arbitrary File Upload in Zegen <= 1.1.9 versions.
- CVE-2026-2743CRITICALCVSS 9.8EG 9.82026-03-05
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before
- CVE-2026-27540CRITICALCVSS 9.0EG 9.02026-03-19
Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture woocommerce-wholesale-lead-capture allows Using Malicious Files.This issue affects Woocommerce Wholesale Lead Captur…
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →