Vulnerabilities (CVE)

Filtered by CWE-434
Total 3058 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31505 1 Schlix 1 Cms 2025-06-20 N/A 7.2 HIGH
An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated attackers to execute arbitrary code and obtain sensitive information via a crafted .phtml file.
CVE-2024-35079 1 Inxedu 1 Inxedu 2025-06-20 N/A 9.8 CRITICAL
An arbitrary file upload vulnerability in the uploadAudio method of inxedu v2024.4 allows attackers to execute arbitrary code via uploading a crafted .jsp file.
CVE-2024-35080 1 Inxedu 1 Inxedu 2025-06-20 N/A 9.8 CRITICAL
An arbitrary file upload vulnerability in the gok4 method of inxedu v2024.4 allows attackers to execute arbitrary code via uploading a crafted .jsp file.
CVE-2024-35570 1 Inxedu 1 Inxedu 2025-06-20 N/A 9.8 CRITICAL
An arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows attackers to execute arbitrary code via uploading a crafted jsp file.
CVE-2023-51925 1 Yonyou 1 Yonbip 2025-06-20 N/A 9.8 CRITICAL
An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2021-31314 1 Ejinshan 1 Terminal Security System 2025-06-20 N/A 9.8 CRITICAL
File upload vulnerability in ejinshan v8+ terminal security system allows attackers to upload arbitrary files to arbitrary locations on the server.
CVE-2023-51806 1 Ujcms 1 Ujcms 2025-06-20 N/A 5.4 MEDIUM
File Upload vulnerability in Ujcms v.8.0.2 allows a local attacker to execute arbitrary code via a crafted file.
CVE-2023-4536 1 Koalaapps 1 My Account Page Editor 2025-06-20 N/A 8.8 HIGH
The My Account Page Editor WordPress plugin before 1.3.2 does not validate the profile picture to be uploaded, allowing any authenticated users, such as subscriber to upload arbitrary files to the server, leading to RCE
CVE-2022-1538 1 Themely 1 Theme Demo Import 2025-06-20 N/A 7.2 HIGH
Theme Demo Import WordPress plugin before 1.1.1 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed.
CVE-2025-4102 2025-06-20 N/A 7.2 HIGH
The Beaver Builder Plugin (Starter Version) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_enabled_icons' function in all versions up to, and including, 2.9.1. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability was partially patched in version 2.9.1.
CVE-2025-6266 2025-06-19 6.5 MEDIUM 6.3 MEDIUM
A vulnerability was found in FLIR AX8 up to 1.46. It has been declared as critical. This vulnerability affects unknown code of the file /upload.php. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-3508 1 Redhat 1 Trusted Profile Analyzer 2025-06-18 N/A 4.3 MEDIUM
A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or zstd) SBOMs. The API endpoint verifies the presence of some fields and values in the JSON. To perform this verification, the uploaded file must first be decompressed.
CVE-2024-31777 1 Openeclass 1 Openeclass 2025-06-18 N/A 9.8 CRITICAL
File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint.
CVE-2023-5957 1 Naziinfotech 1 Ni Purchase Order\(po\) For Woocommerce 2025-06-18 N/A 7.2 HIGH
The Ni Purchase Order(PO) For WooCommerce WordPress plugin through 1.2.1 does not validate logo and signature image files uploaded in the settings, allowing high privileged user to upload arbitrary files to the web server, triggering an RCE vulnerability by uploading a web shell.
CVE-2025-46157 2025-06-18 N/A 9.9 CRITICAL
An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form
CVE-2025-6220 2025-06-18 N/A 7.2 HIGH
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_options' function in all versions up to, and including, 3.5.12. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2025-32028 1 Haxtheweb 1 Hax 2025-06-18 N/A 9.9 CRITICAL
HAX CMS PHP allows you to manage your microsite universe with PHP backend. Multiple file upload functions within the HAX CMS PHP application call a ’save’ function in ’HAXCMSFile.php’. This save function uses a denylist to block specific file types from being uploaded to the server. This list is non-exhaustive and only blocks ’.php’, ’.sh’, ’.js’, and ’.css’ files. The existing logic causes the system to "fail open" rather than "fail closed." This vulnerability is fixed in 10.0.3.
CVE-2025-6086 2025-06-18 N/A 7.2 HIGH
The CSV Me plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'csv_me_options_page' function in all versions up to, and including, 2.0. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2025-4413 2025-06-18 N/A 8.8 HIGH
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabay_upload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2023-39462 1 Trianglemicroworks 1 Scada Data Gateway 2025-06-17 N/A 6.5 MEDIUM
Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536.