CWE-434
Unrestricted Upload of File with Dangerous Type
Description
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-1
CVEs mapped to this weakness (1,669)
page 48 of 84

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-48217 | — | High | 0.50 | 8.8 | 0.01 | | Nov 14, 2023 | Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and… |
| CVE-2023-47621 | — | High | 0.50 | 8.8 | 0.01 | | Nov 13, 2023 | Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This… |
| CVE-2023-1313 | — | High | 0.50 | 8.8 | 0.01 | | Mar 10, 2023 | Unrestricted Upload of File with Dangerous Type in GitHub repository cockpit-hq/cockpit prior to 2.4.1. |
| CVE-2022-45968 | — | High | 0.50 | 8.8 | 0.01 | | Dec 12, 2022 | Alist v3.4.0 is vulnerable to File Upload. A user with only file upload permission can upload any file to any folder (even a password protected one). |
| CVE-2022-46157 | — | High | 0.50 | 8.8 | 0.01 | | Dec 9, 2022 | Akeneo PIM is an open source Product Information Management (PIM). Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the… |
| CVE-2022-2111 | — | High | 0.50 | 8.8 | 0.01 | | Jun 17, 2022 | Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2. |
| CVE-2021-4080 | — | High | 0.50 | 8.8 | 0.01 | | Jan 12, 2022 | crater is vulnerable to Unrestricted Upload of File with Dangerous Type. |
| CVE-2021-3846 | — | High | 0.50 | 8.8 | 0.01 | | Oct 19, 2021 | firefly-iii is vulnerable to Unrestricted Upload of File with Dangerous Type. |
| CVE-2019-8093 | — | High | 0.50 | 8.8 | 0.01 | | Nov 5, 2019 | An arbitrary file access vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can leverage the file upload controller for downloadable products to read/delete arbitrary files. |
| CVE-2019-16318 | — | High | 0.50 | 8.8 | 0.01 | | Sep 14, 2019 | In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and… |
| CVE-2018-14857 | — | High | 0.50 | 8.8 | 0.04 | | Aug 6, 2018 | Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions… |
| CVE-2017-2617 | — | High | 0.50 | 7.6 | 0.02 | | May 22, 2018 | hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a crafted file which could be executed on a target machine where hawtio is deployed. |
| CVE-2014-9619 | — | High | 0.50 | 7.2 | 0.07 | | Sep 19, 2017 | Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code… |
| CVE-2026-41587 | — | High | 0.49 | — | 0.01 | | May 7, 2026 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. From version 0.26.0.0 to before version 0.31.7.0, a theme upload feature allows any authenticated backend user with theme-upload… |
| CVE-2025-12048 | — | High | 0.49 | 7.5 | 0.00 | | Nov 12, 2025 | An arbitrary file upload vulnerability was reported in the Lenovo Scanner Pro client during an internal security assessment that could allow remote code execution or unauthorized control of the affected system. |
| CVE-2025-9212 | — | High | 0.49 | 7.5 | 0.00 | | Oct 3, 2025 | The WP Dispatcher plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wp_dispatcher_process_upload() function in all versions up to, and including, 1.2.0. This makes it possible for authenticated attackers, with… |
| CVE-2025-59835 | — | High | 0.49 | — | 0.00 | | Oct 2, 2025 | LangBot is a global IM bot platform designed for LLMs. In versions 4.1.0 up to but not including 4.3.5, authorized attackers can exploit the /api/v1/files/documents interface to perform arbitrary file uploads. Since this interface does not strictly restrict the storage directory… |
| CVE-2025-10009 | — | High | 0.49 | — | 0.00 | | Sep 22, 2025 | Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja <= 5.11.72 allows attackers with admin credentials to execute arbitrary code on the server via uploaded .php files. |
| CVE-2025-53119 | — | High | 0.49 | 7.5 | 0.11 | | Aug 25, 2025 | An unauthenticated unrestricted file upload vulnerability allows an attacker to upload malicious binaries and scripts to the server. |
| CVE-2025-47187 | — | High | 0.49 | 7.5 | 0.01 | | Jul 23, 2025 | A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones through 6.4 SP4 (R6.4.0.4006), and the 6970 Conference Unit through 6.4 SP4 (R6.4.0.4006) or version V1 R0.1.0, could allow an unauthenticated attacker to perform a file upload attack due to… |
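The entries above describe the same handful of mistakes over and over: trusting the client-sent MIME type or a content sniff while keeping the client's `.php` filename (Statamic, Akeneo), and trying to neutralise a dangerous extension by renaming it, which fails once the name is long enough (Pimcore's 256-character filename). The following Python is an added illustration written for this page; it is not code from any product listed here. It puts a trusting "before" handler beside a hardened one that reduces the client's filename to nothing more than a hint for an allowlisted extension, checks the content's magic bytes against that extension, rejects over-long names and control characters instead of renaming, and stores under a random server-chosen name outside the web root. The `UploadRejected`, `vulnerable_accept`, `hardened_accept`, `is_rejected` and `save_upload` names, the PNG signature sample and the GIF/PHP polyglot bytes are all constructed for the example.

```python
"""CWE-434: a trusting upload handler next to a hardened one (added example, not project code)."""
import os
import re
import secrets

# Allowlist for an image-upload endpoint: extension -> magic-byte prefixes the content must start with.
ALLOWED_MAGIC = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# Extensions that common server configurations hand to an interpreter. Checked in every
# dot-separated segment after the first, because e.g. Apache's AddHandler directive can
# execute "shell.php.gif" if "php" appears anywhere in the name.
EXECUTABLE = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "phps",
              "jsp", "jspx", "asp", "aspx", "cgi", "pl", "py", "sh", "htaccess"}

MAX_NAME_LEN = 255  # typical filesystem NAME_MAX; longer names are rejected, never renamed

# Constructed sample inputs: a PNG signature (not a full image) and a GIF/PHP polyglot that
# passes naive "does it look like an image?" checks while still being PHP source.
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + bytes(16)
POLYGLOT_GIF = b"GIF89a" + b"<?php echo 'polyglot'; ?>"


class UploadRejected(ValueError):
    """Raised when an upload must not be stored."""


def vulnerable_accept(filename: str, content_type: str, data: bytes) -> str:
    """'Before' handler: trusts the client-sent Content-Type and keeps the client's filename.
    A PHP file sent as image/gif is stored as shell.php; if the upload directory is served
    by the PHP handler it executes on the next GET."""
    if not content_type.startswith("image/"):
        raise UploadRejected("not an image")
    return os.path.basename(filename)


def hardened_accept(filename: str, data: bytes) -> str:
    """Returns the server-chosen name to store `data` under, or raises UploadRejected.
    The client's filename is used only to pick an allowlisted extension."""
    name = os.path.basename(filename.replace("\\", "/"))
    if not name or len(name) > MAX_NAME_LEN:
        # Reject instead of renaming: the Pimcore entry shows rename logic failing on long names.
        raise UploadRejected("empty or over-long filename")
    if re.search(r"[\x00-\x1f\x7f]", name):
        raise UploadRejected("control character in filename")  # e.g. shell.php\x00.png
    segments = name.lower().split(".")  # lower-case so .PHP / .PhP do not slip past
    if len(segments) < 2 or segments[-1] not in ALLOWED_MAGIC:
        raise UploadRejected("extension not in allowlist")
    if any(seg in EXECUTABLE for seg in segments[1:]):
        raise UploadRejected("executable extension inside filename")
    ext = segments[-1]
    if not any(data.startswith(magic) for magic in ALLOWED_MAGIC[ext]):
        raise UploadRejected("content does not match extension")
    # Never reuse the client's name: random, fixed-length, allowlisted extension only.
    return f"{secrets.token_hex(16)}.{ext}"


def is_rejected(filename: str, data: bytes) -> bool:
    """True when the hardened handler refuses the upload."""
    try:
        hardened_accept(filename, data)
        return False
    except UploadRejected:
        return True


def save_upload(upload_dir: str, stored_name: str, data: bytes) -> str:
    """Writes to a directory that must live outside the web root, creating the file
    exclusively (no overwrite of an existing upload) and without execute bits."""
    path = os.path.join(upload_dir, stored_name)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as upload_dir:  # stand-in for a non-web-root directory
        name = hardened_accept("avatar.png", PNG_SAMPLE)
        print("stored as", save_upload(upload_dir, name, PNG_SAMPLE))
    print("vulnerable handler kept:", vulnerable_accept("shell.php", "image/gif", POLYGLOT_GIF))
    for candidate, body in [("shell.php", POLYGLOT_GIF), ("shell.php.gif", POLYGLOT_GIF),
                            ("shell.PHP", POLYGLOT_GIF), ("shell.php\x00.png", PNG_SAMPLE),
                            ("a" * 252 + ".png", PNG_SAMPLE), ("avatar.png", POLYGLOT_GIF)]:
        print(repr(candidate)[:40], "rejected" if is_rejected(candidate, body) else "accepted")
```

Serving the stored files through a separate handler that sets `Content-Disposition: attachment`, `X-Content-Type-Options: nosniff` and a `Content-Type` derived from the allowlisted extension (never from the client) completes the picture; the validation above stops execution on the server, the response headers stop a polyglot being interpreted by the browser.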