CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,010 vulnerabilities with CWE-434
CVE-2026-25056
HIGH
N8n < 1.118.0 - Remote Code Execution
CVSS 8.8
CVE-2026-20098
HIGH
Cisco Meeting Management - RCE
CVSS 8.8
CVE-2026-23704
MEDIUM
Movable Type - RCE
CVSS 6.5
CVE-2026-1756
HIGH
WP FOFT Loader <2.1.39 - RCE
CVSS 8.8
CVE-2026-1791
LOW
Hillstone Networks Operation and Maintenance Security Gateway <V5.5...
CVSS 2.7
CVE-2026-1813
MEDIUM
bolo-blog bolo-solo <2.6.4 - Unrestricted Upload
CVSS 6.3
CVE-2026-25510
CRITICAL
Ci4-cms-erp Ci4ms < 0.28.5.0 - Code Injection
CVSS 9.9
CVE-2026-24673
MEDIUM
Open eClass <4.2 - File Upload Validation Bypass
CVSS 4.3
CVE-2026-1730
HIGH
OS DataHub Maps <1.8.3 - File Upload
CVSS 8.8
CVE-2026-1065
HIGH
The Form Maker by 10Web - WordPress <1.15.35 - XSS
CVSS 7.2
CVE-2026-25201
HIGH
MagicINFO 9 Server <21.1090.1 - RCE
CVSS 8.8
CVE-2026-25200
CRITICAL
MagicINFO 9 Server <21.1090.1 - XSS
CVSS 9.8
CVE-2026-1742
MEDIUM
EFM ipTIME A8004T <14.18.2 - Unrestricted Upload
CVSS 4.7
CVE-2026-24729
CRITICAL
Interinfo DreamMaker <2025/10/22 - RCE
CVE-2026-24897
CRITICAL
Erugo < 0.2.14 - Path Traversal
CVSS 10.0
CVE-2026-24769
CRITICAL
Nocodb < 0.301.0 - XSS
CVSS 9.0
CVE-2026-1400
HIGH
AI Engine - WordPress <3.3.2 - RCE
CVSS 7.2
CVE-2026-24815
CRITICAL
datavane tis <4.3.0 - Deserialization
CVE-2026-1445
MEDIUM
iJason-Liu Books_Manager <298ba736387ca37810466349af13a0fdf828e99c ...
CVSS 4.7
CVE-2026-1424
MEDIUM
Phpgurukul News Portal - Improper Access Control
CVSS 4.7
CVE-2026-1423
MEDIUM
Fabian Online Examination System - Improper Access Control
CVSS 6.3
CVE-2026-0911
HIGH
Hustle - Email Marketing - File Upload
CVSS 7.5
CVE-2026-1331
CRITICAL
MeetingHub - RCE
CVSS 9.8
CVE-2026-24034
MEDIUM
Horilla <1.5.0 - XSS
CVSS 5.4
CVE-2026-24010
HIGH
Horilla <1.5.0 - RCE
CVSS 8.0
Details
Vulnerabilities
4,010
Exploit Likelihood
Medium