VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

Abstraction: Base | Status: Draft | Likelihood of Exploit: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
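The weakness is usually not "no check at all" but a check that decides on the wrong thing: a denylist of extensions (which misses `.phar`, `.phtml` and case variants), an extension taken from the client name before the name is sanitised, a trust in the client-declared Content-Type, or an allowlist that admits SVG and then renders it as markup. The following Python is an added example, not code from the CWE entry or from any product listed on this page: it places that denylist pattern beside an allowlist that sanitises first, verifies content against the extension's magic bytes and stores under a server-generated name. The denylist, allowlist, magic prefixes and sample upload bodies are all constructed for illustration.

```python
import os
import re
import secrets
from typing import Optional, Tuple

# Constructed denylist, the shape of the checks behind several CWE-434 findings.
# Incomplete by construction: .phar, .phtml, mixed case and double extensions pass.
DENYLIST = {"php", "php5", "exe", "sh"}


def denylist_check(filename: str) -> bool:
    """Vulnerable pattern: accept unless the LAST extension, compared
    case-sensitively, is on the denylist. Returns True if the upload is accepted."""
    ext = filename.rsplit(".", 1)[1] if "." in filename else ""
    return ext not in DENYLIST


# Constructed allowlist: extension -> (magic-byte prefix, type to serve it back as).
# SVG is deliberately absent: it is XML that browsers execute as markup.
ALLOWLIST = {
    "png": (b"\x89PNG\r\n\x1a\n", "image/png"),
    "jpg": (b"\xff\xd8\xff", "image/jpeg"),
    "pdf": (b"%PDF-", "application/pdf"),
}
SAFE_NAME = re.compile(r"[0-9a-f]{32}\.[a-z]+")


def allowlist_check(client_name: str, data: bytes) -> Optional[Tuple[str, str]]:
    """Hardened pattern. The client-supplied name decides nothing except which
    allowlisted extension we try; the client Content-Type is never consulted and
    the stored name is generated server-side. Returns (stored_name, content_type)
    on acceptance, None on rejection."""
    # 1. Sanitise BEFORE extracting the extension: drop any path component and
    #    cut at a NUL, so "shell.php\x00.png" is judged as "shell.php".
    base = os.path.basename(client_name.replace("\\", "/")).split("\x00", 1)[0]
    parts = base.lower().split(".")
    # 2. Exactly one extension, non-empty on both sides: rejects "shell.php.jpg",
    #    ".htaccess", "shell." and extensionless names.
    if len(parts) != 2 or not all(parts):
        return None
    ext = parts[1]
    if ext not in ALLOWLIST:
        return None
    # 3. Content must match the extension's magic bytes, so a PHP or SVG payload
    #    renamed to .png is refused regardless of what the client called it.
    magic, content_type = ALLOWLIST[ext]
    if not data.startswith(magic):
        return None
    # 4. Server-chosen name: no client-controlled character reaches the filesystem.
    stored = f"{secrets.token_hex(16)}.{ext}"
    assert SAFE_NAME.fullmatch(stored)
    return stored, content_type


# Constructed sample upload bodies.
PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
PHP = b"<?php system($_GET['c']); ?>"
SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><script>alert(1)</script></svg>'

if __name__ == "__main__":
    for name in ("shell.php", "shell.phar", "shell.PHP", "shell.php.jpg"):
        print(f"denylist  {name!r:20} accepted={denylist_check(name)}")
    for name, body in (("shell.phar", PHP), ("shell.php.jpg", PHP),
                       ("shell.php\x00.png", PHP), ("logo.png", SVG),
                       ("../../AVATAR.PNG", PNG)):
        print(f"allowlist {name!r:20} -> {allowlist_check(name, body)}")
```

Two design points carry the weight here. The extension is read only after the name has been reduced to a basename and truncated at NUL, which is the ordering the "extension extracted before sanitization" findings get wrong. And the stored name is random, so even if an attacker's body passes the magic-byte check (a polyglot that is both a valid PNG and valid PHP), the web server never sees a `.php` name to execute; storing the directory outside the document root, or serving it with `Content-Disposition: attachment` and `X-Content-Type-Options: nosniff`, closes the remaining gap. If SVG must be accepted, it should be served as an attachment or rasterised rather than rendered inline.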

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs

CVEs mapped to this weakness (1,669)

page 43 of 84
  • CVE-2021-21357 | High | Mar 23, 2021
    risk 0.54 | cvss 8.3 | epss 0.02

    TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 8.7.40, 9.5.25, 10.4.14, 11.1.1 due to improper input validation, attackers can bypass restrictions of predefined options and submit arbitrary data in the Form Designer backend module of…

  • CVE-2017-9650 | High | Aug 25, 2017
    risk 0.54 | cvss 7.8 | epss 0.02

    An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior;…

  • CVE-2015-7571 | High | Aug 7, 2017
    risk 0.54 | cvss 7.8 | epss 0.08

    Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

  • CVE-2026-5364 | High | Apr 24, 2026
    risk 0.53 | cvss 8.1 | epss 0.01

    The Drag and Drop File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.1.3. This is due to the plugin extracting the file extension before sanitization occurs and allowing the file type parameter to be…

  • CVE-2026-25099 | High | Mar 27, 2026
    risk 0.53 | cvss 8.8 | epss 0.02

    Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension without restriction, which can then be executed, leading to Remote Code Execution. This issue was fixed in 3.18.4.

  • CVE-2019-25580 | High | Mar 21, 2026
    risk 0.53 | cvss 8.2 | epss 0.00

    ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the IMG parameter. Attackers can send GET requests to pdfstream.php, imagestream.php, or anyfilestream.php with crafted…

  • CVE-2018-25171 | High | Mar 6, 2026
    risk 0.53 | cvss 8.2 | epss 0.00

    EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the admin/edit_source endpoint with crafted SQL UNION statements to…

  • CVE-2025-10856 | High | Jan 22, 2026
    risk 0.53 | cvss 8.1 | epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Solvera Software Services Trade Inc. Teknoera allows File Content Injection. This issue affects Teknoera: through 01102025.

  • CVE-2025-64759 | High | Nov 19, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    Homarr is an open-source dashboard. Prior to version 1.43.3, stored XSS vulnerability exists, allowing the execution of arbitrary JavaScript in a user's browser, with minimal or no user interaction required, due to the rendering of a malicious uploaded SVG file. This could be…

  • CVE-2025-12528 | High | Nov 18, 2025
    risk 0.53 | cvss 8.1 | epss 0.01

    The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.6 via the format_classic function. This is due to insufficient file type validation where the validate_classic method validates file extensions and sets error…

  • CVE-2025-12974 | High | Nov 18, 2025
    risk 0.53 | cvss 8.1 | epss 0.01

    The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the legacy chunked upload mechanism in all versions up to, and including, 2.9.21.1. This is due to the extension blacklist not including .phar files, which can…

  • CVE-2025-8450 | High | Aug 19, 2025
    risk 0.53 | cvss 8.2 | epss 0.00

    Improper Access Control issue in the Workflow component of Fortra's FileCatalyst allows unauthenticated users to upload arbitrary files via the order forms page.

  • CVE-2025-6435 | High | Jun 24, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in…

  • CVE-2025-0984 | High | May 6, 2025
    risk 0.53 | cvss 8.2 | epss 0.00

    Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Netoloji Software E-Flow allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS, File Content…

  • CVE-2025-29394 | High | Apr 9, 2025
    risk 0.53 | cvss 8.1 | epss 0.01

    An insecure permissions vulnerability in verydows v2.0 allows a remote attacker to execute arbitrary code by uploading a file type.

  • CVE-2025-1070 | High | Feb 13, 2025
    risk 0.53 | cvss 8.1 | epss 0.00

    CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device inoperable when a malicious file is downloaded.

  • CVE-2025-1028 | High | Feb 5, 2025
    risk 0.53 | cvss 8.1 | epss 0.01

    The Contact Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the contact form upload feature in all versions up to, and including, 8.6.4. This makes it possible for unauthenticated attackers to upload arbitrary files on…

  • CVE-2024-52302 | High | Nov 14, 2024
    risk 0.53 | cvss not listed | epss 0.03

    common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads…

  • CVE-2024-46482 | High | Oct 22, 2024
    risk 0.53 | cvss 8.2 | epss 0.00

    An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file.

  • CVE-2024-3412 | Critical | May 29, 2024
    risk 0.53 | cvss 9.1 | epss 0.01

    The WP STAGING WordPress Backup Plugin – Migration Backup Restore plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wpstg_processing AJAX action in all versions up to, and including, 3.4.3. This makes it possible for…