VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

Abstraction: Base | Status: Draft | Likelihood of exploit: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669)

page 58 of 84
  • CVE-2023-30968 | Medium | Mar 12, 2024
    risk 0.44 | cvss 6.8 | epss 0.00

    One of Gotham Gaia services was found to be vulnerable to a stored cross-site scripting (XSS) vulnerability that could have allowed an attacker to bypass CSP and get a persistent cross site scripting payload on the stack.

  • CVE-2022-1565 | High | Jul 18, 2022
    risk 0.44 | cvss 7.2 | epss 0.11

    The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with administrator level permissions and above,…

  • CVE-2022-29623 | High | May 16, 2022
    risk 0.44 | cvss 7.8 | epss 0.01

    An arbitrary file upload vulnerability in the file upload module of Express Connect-Multiparty 2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. NOTE: the Supplier has not verified this vulnerability report.

  • CVE-2022-0409 | High | Feb 19, 2022
    risk 0.44 | cvss 7.8 | epss 0.01

    Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2.

  • CVE-2022-0263 | High | Jan 18, 2022
    risk 0.44 | cvss 7.8 | epss 0.01

    Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore prior to 10.2.7.

  • CVE-2026-0496 | Medium | Jan 13, 2026
    risk 0.43 | cvss 6.6 | epss 0.00

    SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file (including script files) without proper file format validation. This has low impact on confidentiality, integrity and availability of the application.

  • CVE-2025-49329 | Medium | Jun 6, 2025
    risk 0.43 | cvss 6.6 | epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Upload a Web Shell to a Web Server. This issue affects Store Locator WordPress: from n/a through <= 1.5.2.

  • CVE-2025-47550 | Medium | May 7, 2025
    risk 0.43 | cvss 6.6 | epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio instantio allows Upload a Web Shell to a Web Server. This issue affects Instantio: from n/a through <= 3.3.16.

  • CVE-2025-39538 | Medium | Apr 16, 2025
    risk 0.43 | cvss 6.6 | epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server. This issue affects WP-Advanced-Search: from n/a through <= 3.3.9.4.

  • CVE-2025-31577 | Medium | Mar 31, 2025
    risk 0.43 | cvss 6.6 | epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server. This issue affects Appointify: from n/a through <= 1.0.8.

  • CVE-2025-2819 | Medium | Mar 26, 2025
    risk 0.43 | cvss 6.6 | epss 0.00

    There is a risk of unauthorized file uploads in GT-SoftControl and potential file overwrites due to insufficient validation in the file selection process. This could lead to data integrity issues and unauthorized access by an authenticated privileged user.

  • CVE-2025-1025 | High | Feb 5, 2025
    risk 0.43 | cvss 7.5 | epss 0.18

    Versions of the package cockpit-hq/cockpit before 2.4.1 are vulnerable to Arbitrary File Upload, where an attacker can use a different extension to bypass the upload filter.

  • CVE-2024-53811 | Medium | Dec 6, 2024
    risk 0.43 | cvss 6.6 | epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit wdesignkit allows Upload a Web Shell to a Web Server. This issue affects WDesignkit: from n/a through <= 1.0.40.

  • CVE-2024-49676 | Medium | Oct 23, 2024
    risk 0.43 | cvss 6.6 | epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Michael Bourne Custom Icons for Elementor custom-icons-for-elementor allows Upload a Web Shell to a Web Server. This issue affects Custom Icons for Elementor: from n/a through <= 0.3.3.

  • CVE-2022-4732 | High | Dec 27, 2022
    risk 0.43 | cvss 7.2 | epss 0.38

    Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2.

  • CVE-2026-40548 | Medium | Jun 1, 2026
    risk 0.42 | cvss n/a | epss 0.00

    SOPlanning does not verify uploaded file extension. An authenticated attacker with access to the backup functionality can upload a crafted ZIP archive containing a legitimate user.csv file alongside a malicious file, which is extracted on the server. When combined with…

  • CVE-2026-46426 | High | May 27, 2026
    risk 0.42 | cvss 7.6 | epss 0.00

    Budibase is an open-source low-code platform. Prior to 3.38.2, the file upload endpoint POST /api/attachments/process does not enforce active-content restrictions for authenticated users. The checks for dangerous file extensions are conditionally wrapped inside if (isPublicUser)…

  • CVE-2026-36387 | Medium | May 7, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add_members.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files, which leads to RCE.

  • CVE-2026-32931 | High | Apr 10, 2026
    risk 0.42 | cvss 7.5 | epss 0.01

    Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload a PHP webshell by spoofing the Content-Type header to audio/mpeg. The uploaded…

  • CVE-2018-25162 | Medium | Mar 6, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    2-Plan Team 1.0.4 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload executable PHP files by sending multipart form data to managefile.php. Attackers can upload PHP files through the userfile1 parameter with action=upload, which are…