CWE-434

Exploit likelihood: Medium

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,011 vulnerabilities with CWE-434
CVE-2025-57148 CRITICAL
Phpgurukul Online Shopping Portal - Unrestricted File Upload
CVSS 9.1
CVE-2025-9847 MEDIUM
Scriptandtools Real Estate Management System - Improper Access Control
CVSS 6.3
CVE-2025-9841 MEDIUM
Fabian Mobile Shop Management System - Improper Access Control
CVSS 6.3
CVE-2025-52546 MEDIUM
Copeland E3 Supervisory Controller Firmware - Unrestricted File Upload
CVSS 6.1
CVE-2025-9800 MEDIUM
Sim < 0.3.40 - Improper Access Control
CVSS 6.3
CVE-2025-9795 MEDIUM
Tianti < 2.3 - Improper Access Control
CVSS 6.3
CVE-2025-9775 HIGH
Remoteclinic Remote Clinic < 2.0 - Improper Access Control
CVSS 7.3
CVE-2025-9772 HIGH
Remoteclinic Remote Clinic < 2.0 - Improper Access Control
CVSS 7.3
CVE-2025-31100 CRITICAL
Mojoomla School Management <1.93.1 - Unrestricted File Upload
CVSS 9.9
CVE-2025-54944 CRITICAL
Sun.net Ehrd Ctms < 10.11 - Unrestricted File Upload
CVSS 9.8
CVE-2025-58159 CRITICAL
Wegia < 3.4.11 - Code Injection
CVSS 9.9
CVE-2025-58048 CRITICAL
Paymenter <1.2.11 - Privilege Escalation
CVSS 9.9
CVE-2025-31979 MEDIUM
HCL BigFix SM - File Upload Validation Bypass
CVSS 5.4
CVE-2025-49387 CRITICAL
Drag and Drop File Upload for Elementor Forms <1.5.3 - RCE
CVSS 10.0
CVE-2025-54762 CRITICAL
SS1 <16.0.0.10 - RCE
CVSS 9.8
CVE-2025-53970 CRITICAL
SS1 <16.0.0.10 - RCE
CVSS 9.8
CVE-2025-34163 CRITICAL
Dongsheng Logistics Software - RCE
CVE-2025-52353 CRITICAL
Uatech Badaso - Unrestricted File Upload
CVSS 9.8
CVE-2025-9476 HIGH
SourceCodester HRIS 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2025-9475 HIGH
SourceCodester HRIS 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2025-9415 MEDIUM
GreenCMS <2.3.0603 - Unrestricted Upload
CVSS 6.3
CVE-2025-53119 HIGH
Unspecified Product <Unknown> - File Upload
CVSS 7.5
CVE-2025-9406 MEDIUM
xuhuisheng lemon <1.13.0 - Unrestricted Upload
CVSS 6.3
CVE-2025-9400 MEDIUM
YiFang CMS <2.0.5 - Unrestricted Upload
CVSS 6.3
CVE-2025-9397 MEDIUM
givanz Vvveb <1.0.7.2 - Unrestricted Upload
CVSS 6.3