CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,012 vulnerabilities with CWE-434
CVE-2025-34121 CRITICAL
Idera Up.Time Monitoring Station <=7.2 - RCE
CVE-2025-20274 MEDIUM
Cisco Unified Intelligence Center - File Upload
CVSS 6.3
CVE-2025-48300 CRITICAL
Adrian Tobey Groundhogg <4.2.1 - RCE
CVSS 9.1
CVE-2025-29009 CRITICAL
Webkul Medical Prescription Attachment Plugin <1.2.3 - RCE
CVSS 10.0
CVE-2025-34111 CRITICAL
Tikiwiki Cms/groupware < 15.1 - Missing Authentication
CVSS 9.8
CVE-2025-34104 CRITICAL
Piwik <3.0.3 - Authenticated RCE
CVE-2025-7340 CRITICAL
Hasthemes Download Contact Form 7 Wid... - Unrestricted File Upload
CVSS 9.8
CVE-2025-53891 MEDIUM
TIME LINE <1.0.5 - File Upload
CVSS 4.3
CVE-2025-7627 MEDIUM
Yijiusmile Kkfileviewofficeedit < 2019-03-19 - Improper Access Control
CVSS 6.3
CVE-2025-7547 HIGH
Campcodes Online Movie Theater Seat Reservation System - Improper Access Control
CVSS 7.3
CVE-2025-7538 HIGH
Campcodes Sales and Inventory System 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2025-7487 MEDIUM
JoeyBling SpringBoot_MyBatisPlus <a6a825513bd688f717dbae3a196bc9c96...
CVSS 6.3
CVE-2025-7477 MEDIUM
Simple Car Rental System 1.0 - Unrestricted Upload
CVSS 4.7
CVE-2025-7470 HIGH
Campcodes Sales & Inventory System 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2025-6423 HIGH
BeeTeam368 Extensions <2.3.5 - File Upload
CVSS 8.8
CVE-2025-6058 CRITICAL
WPBookit <1.0.4 - File Upload
CVSS 9.8
CVE-2025-6057 HIGH
WPBookit <1.0.4 - File Upload
CVSS 8.8
CVE-2025-7413 MEDIUM
code-projects Library System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2025-7412 MEDIUM
code-projects Library System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2025-34100 CRITICAL
BuilderEngine 3.5.0 - Code Injection
CVE-2025-34097 HIGH
ProcessMaker <3.5.4 - RCE
CVE-2025-7210 MEDIUM
Fabian Library Management System - Improper Access Control
CVSS 6.3
CVE-2025-34077 CRITICAL
WordPress Pie Register <3.7.1.4 - Auth Bypass
CVE-2025-7190 MEDIUM
Fabian Library Management System - Improper Access Control
CVSS 6.3
CVE-2025-0928 HIGH
Canonical Juju < 2.9.52 - Improper Authorization
CVSS 8.8