CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,083 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 81 of 82
- CVE-2026-5261HIGHCVSS 7.3EG 7.32026-04-01
A vulnerability was identified in Shandong Hoteam InforCenter PLM up to 8.3.8. The impacted element is the function uploadFileToIIS of the file /Base/BaseHandler.ashx. The manipulation of the argument File leads to unrestricted upload. It …
- CVE-2026-52705CRITICALCVSS 9.0EG 9.02026-06-17
Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms <= 1.4.5 versions.
- CVE-2026-5364HIGHCVSS 8.1EG 8.12026-04-24
The Drag and Drop File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.1.3. This is due to the plugin extracting the file extension before sanitization occurs and al…
- CVE-2026-53691HIGHCVSS 8.6EG 8.62026-06-30
An Unrestricted File Upload vulnerability in Redeight CMS version 1.0 allows authenticated attackers to achieve Remote Code Execution via the POST "/admin/index.php?module=pages&mode=FileAdd" endpoint. The application fails to validate fil…
- CVE-2026-53724LOWCVSS 2.1EG 2.12026-06-12
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.79 and 9.9.1-alpha.4, the default file upload extension blocklist can be bypassed by appending a trailing dot to …
- CVE-2026-53787CRITICALCVSS 9.8EG 9.82026-06-12
Amasty Order Attributes for Magento 2 before version 4.0.0 contains an unauthenticated arbitrary file upload vulnerability that allows unauthenticated attackers to write arbitrary files to the store's media directory by submitting files of…
- CVE-2026-53909MEDIUMCVSS 6.5EG 6.52026-07-01
MCO does not correctly validate types of uploaded files. File upload validation functionality relies only on client-side checks, which can be bypassed. An authorized, low-privileged attacker can upload files with arbitrary types to the ser…
- CVE-2026-53948MEDIUMCVSS 5.4EG 5.42026-06-24
Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, insufficient validation of the client-supplied Content-Type on Ghost's Admin API file upload endpoint allowed uploaded files to be served from the site with an attacke…
- CVE-2026-5411HIGHCVSS 8.8EG 8.82026-06-05
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 5.38. This is due to a capability c…
- CVE-2026-54414CRITICALCVSS 9.8EG 9.82026-06-19
FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint (/api/folder/uploadToSharedFolder.php), leading to arbitrary file write and administrator account takeover. The upload filename is validated by Fol…
- CVE-2026-5472MEDIUMCVSS 6.3EG 6.32026-04-03
A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. The affected element is an unknown function of the file /admin_panel/settings.php of the component Profile Picture Handle…
- CVE-2026-5482CRITICALCVSS 9.3EG 9.32026-06-15
Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution. This project is unmaintained at the time of CVE assi…
- CVE-2026-5524CRITICALCVSS 9.8EG 9.82026-07-02
The Divi Form Builder plugin for WordPress is vulnerable to Arbitrary File Upload leading to... The Divi Form Builder plugin for WordPress is vulnerable to Arbitrary File Upload leading to Remote Code Execution in all versions up to and i…
- CVE-2026-5546MEDIUMCVSS 6.3EG 6.32026-04-05
A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function add_lesson of the file /application/models/Crud_model.php. This manipulation causes unrestricted upload. It is possible to initiat…
- CVE-2026-55633HIGHCVSS 8.7EG 8.72026-07-07
DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, a bypass of the H2 zip protocol and file dropper fix allows an authenticated attacker to upload a zip archive disguised with a .ttf extension through FontMa…
- CVE-2026-5573HIGHCVSS 7.3EG 7.32026-04-05
A weakness has been identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. This impacts an unknown function of the file /fs. Executing a manipulation of the argument cwd can lead to unrestricted upload. The attack can be launched remo…
- CVE-2026-5576MEDIUMCVSS 4.7EG 4.72026-04-05
A flaw has been found in SourceCodester/jkev Record Management System 1.0. Affected by this issue is some unknown functionality of the file save_emp.php of the component Add Employee Page. This manipulation causes unrestricted upload. Remo…
- CVE-2026-55778LOWCVSS 2.1EG 2.12026-06-19
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.9.1-alpha.11 and 8.6.81, the default fileUpload.fileExtensions blocklist could be bypassed by uploading a file with a non-st…
- CVE-2026-56027CRITICALCVSS 9.9EG 9.92026-06-26
Customer Arbitrary File Upload in Booster for WooCommerce <= 8.0.1 versions.
- CVE-2026-56058CRITICALCVSS 9.9EG 9.92026-06-26
Subscriber Arbitrary File Upload in Quform <= 2.23.0 versions.
- CVE-2026-56059CRITICALCVSS 9.9EG 9.92026-06-26
Subscriber Arbitrary File Upload in Travel Booking <= 2.2.5 versions.
- CVE-2026-56290CRITICALCVSS 9.8EG 9.8⚠ KEV2026-06-29
The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.
- CVE-2026-56291CRITICALCVSS 10.0EG 10.0⚠ KEV2026-07-09
The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.
- CVE-2026-56414HIGHCVSS 7.2EG 7.22026-06-26
A vulnerability exists in H.View IP cameras certificate-related upload interfaces allow authenticated users to store arbitrary file content to fixed, persistent filesystem locations without validating file type, structure, or size. This de…
- CVE-2026-5670MEDIUMCVSS 6.3EG 6.32026-04-06
A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function move_uploaded_file of the file /AssignmentSection/submission/upload.php. Performing a manipula…
- CVE-2026-5704MEDIUMCVSS 5.0EG 5.02026-04-06
A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, poten…
- CVE-2026-5718HIGHCVSS 8.1EG 8.12026-04-17
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.3.9.7. This is due to insufficient file type validation that occurs when custom black…
- CVE-2026-57658CRITICALCVSS 9.1EG 9.12026-06-26
Administrator Arbitrary File Upload in TemplateSpare <= 4.2.0 versions.
- CVE-2026-57700CRITICALCVSS 10.0EG 10.02026-06-25
Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files. This issue affects OMGF Pro: from n/a through 5.2.6.
- CVE-2026-57710CRITICALCVSS 9.9EG 9.92026-07-13
Unrestricted Upload of File with Dangerous Type vulnerability in quantumcloud WoowBot Pro Max woowbot-pro-max allows Using Malicious Files.This issue affects WoowBot Pro Max: from n/a through <= 14.1.7.
- CVE-2026-57719CRITICALCVSS 10.0EG 10.02026-07-13
Unrestricted Upload of File with Dangerous Type vulnerability in CodeRevolution Aimogen Pro aimogen-pro allows Using Malicious Files.This issue affects Aimogen Pro: from n/a through <= 2.8.3.
- CVE-2026-57827CRITICALCVSS 10.0EG 9.82026-07-11
The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.
- CVE-2026-57828CRITICALCVSS 9.0EG 9.02026-07-11
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE.
- CVE-2026-58409CRITICALCVSS 9.1EG 9.12026-07-13
ChurchCRM is an open-source church management system. Prior to version 7.4.0, an authenticated administrator can achieve Remote Code Execution (RCE) on the server by installing a malicious plugin ZIP archive containing a PHP webshell. The …
- CVE-2026-58480CRITICALCVSS 9.8EG 9.82026-07-08
Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attackers to upload executable files by bypassing extension validation in the save_attachments function ex…
- CVE-2026-58654MEDIUMCVSS 4.3EG 4.32026-07-08
The Grav API plugin (getgrav/grav-plugin-api) 1.0.0 contains an unrestricted file upload vulnerability in the avatar upload endpoint (/api/v1/users/user/avatar). The endpoint validates only the client-declared MIME type (getClientMediaType…
- CVE-2026-61448LOWCVSS 2.1EG 2.12026-07-11
Parse Server is affected by a stored cross-site scripting (XSS) vulnerability in versions >= 9.0.0, < 9.10.0-alpha.2 and <= 8.6.83. When an uploaded file's extension is not recognized by the mime package, Parse Server preserves the client-…
- CVE-2026-6211HIGHCVSS 8.7EG 8.72026-06-12
Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc. WEOLL allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WEOLL: from 2.0.9 before 3.2.45.33.
- CVE-2026-6249HIGHCVSS 8.8EG 8.82026-04-20
Vvveb CMS 1.0.8.2 contains a remote code execution vulnerability in its media upload handler that allows authenticated attackers to execute arbitrary operating system commands by uploading a PHP webshell with a .phtml extension. Attackers …
- CVE-2026-6257CRITICALCVSS 9.1EG 9.12026-04-20
Vvveb CMS v1.0.8.2 contains a remote code execution vulnerability in its media management functionality where a missing return statement in the file rename handler allows authenticated attackers to rename files to blocked extensions .php o…
- CVE-2026-6261HIGHCVSS 8.8EG 8.82026-05-05
The Betheme theme for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 28.4. This is due to the upload_icons() function workflow moving and unzipping user-controlled ZIP files into a public uploads directo…
- CVE-2026-6271CRITICALCVSS 9.8EG 9.82026-05-14
The Career Section plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7 via the CV upload handler. This is due to missing file type validation. This makes it possible for unauthenticated att…
- CVE-2026-6489MEDIUMCVSS 6.3EG 6.32026-04-17
A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of the component Background Management Page. The manipulation …
- CVE-2026-6518HIGHCVSS 8.8EG 8.82026-04-18
The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to arbitrary file upload and remote code execution in all versions up to, and including, 4.1.16 via the `cmp_theme_update_install` AJAX action. …
- CVE-2026-6555CRITICALCVSS 9.8EG 9.82026-05-20
The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due to an array validation mismatch where only the first file in the upload array undergoes extension an…
- CVE-2026-6561MEDIUMCVSS 4.7EG 4.72026-04-19
A vulnerability was detected in EyouCMS up to 1.7.1. This issue affects the function edit_adminlogo of the file application/admin/controller/Index.php. Performing a manipulation of the argument filename results in unrestricted upload. The …
- CVE-2026-6596HIGHCVSS 7.3EG 7.32026-04-20
A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results i…
- CVE-2026-6602HIGHCVSS 7.3EG 7.32026-04-20
A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The manipulation of the argument ad_dpic resul…
- CVE-2026-6650MEDIUMCVSS 4.7EG 4.72026-04-20
A vulnerability was identified in Z-BlogPHP 1.7.5. This affects the function App::UnPack of the file /zb_users/plugin/AppCentre/app_upload.php of the component ZBA File Handler. The manipulation leads to unrestricted upload. The attack may…
- CVE-2026-6692HIGHCVSS 8.8EG 8.82026-05-07
The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the '_get_media_url' and '_check_file_path' function. This is due to insufficient file type validation. This makes it possibl…
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →