VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

Base | Draft | Likelihood: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669)

  • CVE-2026-38991 · High · Apr 29, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Cockpit 2.13.5 and earlier is affected by a misconfiguration within the Bucket component _isFileTypeAllowed function where a specially crafted filename bypasses an extension filter. This allows an authenticated attacker to rename arbitrary files with the .php file extension…

  • CVE-2026-6518 · High · Apr 18, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to arbitrary file upload and remote code execution in all versions up to, and including, 4.1.16 via the `cmp_theme_update_install` AJAX action. This is due to the function only…

  • CVE-2026-40040 · High · Apr 13, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering on the /uploadfile endpoint. Attackers can upload executable .php5 scripts to web-accessible…

  • CVE-2026-2942 · Critical · Apr 8, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The ProSolution WP Client plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'proSol_fileUploadProcess' function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers to upload…

  • CVE-2026-35164 · High · Apr 6, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    Brave CMS is an open-source CMS. Prior to 2.0.6, an unrestricted file upload vulnerability exists in the CKEditor upload functionality. It is found in app/Http/Controllers/Dashboard/CkEditorController.php within the ckupload method. The method fails to validate uploaded file…

  • CVE-2026-35047 · Critical · Apr 6, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    Brave CMS is an open-source CMS. Prior to 2.0.6, an Unrestricted File Upload vulnerability in the CKEditor endpoint allows attackers to upload arbitrary files, including executable scripts. This may lead to Remote Code Execution (RCE) on the server, potentially resulting in full…

  • CVE-2025-59710 · High · Apr 3, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading of a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code…

  • CVE-2026-34735 · High · Apr 2, 2026
    risk 0.57 · CVSS n/a · EPSS 0.00

    The Hytale Modding Wiki is a free service for Hytale mods to host their documentation & wikis. In version 1.2.0 and prior, the quickUpload() endpoint validates uploaded files by checking their MIME type (via PHP's finfo, which inspects file contents) but constructs the stored…

  • CVE-2026-3533 · High · Mar 24, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on import_popup_templates() function as well as insufficient file type validation in the upload_files() function in all versions up to, and including, 4.14.1. This makes it…

  • CVE-2026-32989 · High · Mar 20, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Precurio Intranet Portal 4.4 contains a cross-site request forgery vulnerability that allows attackers to induce authenticated users to submit crafted requests to a profile update endpoint handling file uploads. Attackers can exploit this to upload executable files to…

  • CVE-2025-67260 · High · Mar 20, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable components include Terrapack TkWebCoreNG:: 1.0.20200914, Terrapack TKServerCGI…

  • CVE-2026-3891 · Critical · Mar 13, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lkn_pix_for_woocommerce_c6_save_settings' function in all versions up to, and including, 1.5.0. This makes it possible…

  • CVE-2018-25158 · High · Feb 20, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users to upload and execute PHP files through the elfinder filemanager module. Attackers can upload files with image headers in the social myfiles section, rename them to PHP extensions,…

  • CVE-2025-10465 · High · Feb 9, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server. This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using…

  • CVE-2020-37023 · High · Jan 30, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    Koken CMS 0.22.24 contains a file upload vulnerability that allows authenticated attackers to bypass file extension restrictions by renaming malicious PHP files. Attackers can upload PHP files with system command execution capabilities by manipulating the file upload request…

  • CVE-2020-37009 · High · Jan 29, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    MedDream PACS Server 6.8.3.751 contains an authenticated remote code execution vulnerability that allows authorized users to upload malicious PHP files. Attackers can exploit the uploadImage.php endpoint by authenticating and uploading a PHP shell to execute arbitrary system…

  • CVE-2021-47904 · High · Jan 23, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server.

  • CVE-2021-47888 · High · Jan 23, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability that allows logged-in users to upload malicious PHP files. Attackers can upload a PHP file with a shell command execution payload and execute arbitrary commands by accessing the…

  • CVE-2025-15158 · High · Jan 7, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The WP Enable WebP plugin for WordPress is vulnerable to arbitrary file uploads due to improper file type validation in the 'wpse_file_and_ext_webp' function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Author-level access…

  • CVE-2025-55061 · High · Dec 29, 2025
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    CWE-434 Unrestricted Upload of File with Dangerous Type