Total
3098 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-51806 | 1 Ujcms | 1 Ujcms | 2025-06-20 | N/A | 5.4 MEDIUM |
File Upload vulnerability in Ujcms v.8.0.2 allows a local attacker to execute arbitrary code via a crafted file. | |||||
CVE-2023-4536 | 1 Koalaapps | 1 My Account Page Editor | 2025-06-20 | N/A | 8.8 HIGH |
The My Account Page Editor WordPress plugin before 1.3.2 does not validate the profile picture to be uploaded, allowing any authenticated users, such as subscriber to upload arbitrary files to the server, leading to RCE | |||||
CVE-2022-1538 | 1 Themely | 1 Theme Demo Import | 2025-06-20 | N/A | 7.2 HIGH |
Theme Demo Import WordPress plugin before 1.1.1 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed. | |||||
CVE-2024-3508 | 1 Redhat | 1 Trusted Profile Analyzer | 2025-06-18 | N/A | 4.3 MEDIUM |
A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or zstd) SBOMs. The API endpoint verifies the presence of some fields and values in the JSON. To perform this verification, the uploaded file must first be decompressed. | |||||
CVE-2024-31777 | 1 Openeclass | 1 Openeclass | 2025-06-18 | N/A | 9.8 CRITICAL |
File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint. | |||||
CVE-2023-5957 | 1 Naziinfotech | 1 Ni Purchase Order\(po\) For Woocommerce | 2025-06-18 | N/A | 7.2 HIGH |
The Ni Purchase Order(PO) For WooCommerce WordPress plugin through 1.2.1 does not validate logo and signature image files uploaded in the settings, allowing high privileged user to upload arbitrary files to the web server, triggering an RCE vulnerability by uploading a web shell. | |||||
CVE-2023-45724 | 1 Hcltech | 1 Dryice Myxalytics | 2025-06-18 | N/A | 8.2 HIGH |
HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web application permits the upload of a certain file without requiring user authentication. | |||||
CVE-2025-6220 | 2025-06-18 | N/A | 7.2 HIGH | ||
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_options' function in all versions up to, and including, 3.5.12. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
CVE-2025-32028 | 1 Haxtheweb | 1 Hax | 2025-06-18 | N/A | 9.9 CRITICAL |
HAX CMS PHP allows you to manage your microsite universe with PHP backend. Multiple file upload functions within the HAX CMS PHP application call a ’save’ function in ’HAXCMSFile.php’. This save function uses a denylist to block specific file types from being uploaded to the server. This list is non-exhaustive and only blocks ’.php’, ’.sh’, ’.js’, and ’.css’ files. The existing logic causes the system to "fail open" rather than "fail closed." This vulnerability is fixed in 10.0.3. | |||||
CVE-2025-6086 | 2025-06-18 | N/A | 7.2 HIGH | ||
The CSV Me plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'csv_me_options_page' function in all versions up to, and including, 2.0. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
CVE-2025-4413 | 2025-06-18 | N/A | 8.8 HIGH | ||
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pixabay_upload function in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. | |||||
CVE-2023-39462 | 1 Trianglemicroworks | 1 Scada Data Gateway | 2025-06-17 | N/A | 6.5 MEDIUM |
Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the processing of workspace files. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilitites to execute arbitrary code in the context of root. Was ZDI-CAN-20536. | |||||
CVE-2023-39463 | 1 Trianglemicroworks | 1 Scada Data Gateway | 2025-06-17 | N/A | 7.2 HIGH |
Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the trusted certification feature. The issue lies in the handling of the OpcUaSecurityCertificateAuthorityTrustDir variable, which allows an arbitrary file write with attacker-controlled data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-20537. | |||||
CVE-2025-49444 | 2025-06-17 | N/A | 10.0 CRITICAL | ||
Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor allows Upload a Web Shell to a Web Server. This issue affects Reformer for Elementor: from n/a through 1.0.5. | |||||
CVE-2025-6161 | 2025-06-17 | 7.5 HIGH | 7.3 HIGH | ||
A vulnerability, which was classified as critical, was found in SourceCodester Simple Food Ordering System 1.0. Affected is an unknown function of the file /editproduct.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
CVE-2025-34511 | 2025-06-17 | N/A | 8.8 HIGH | ||
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution. | |||||
CVE-2025-49447 | 2025-06-17 | N/A | 10.0 CRITICAL | ||
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Food Menu allows Using Malicious Files. This issue affects FW Food Menu : from n/a through 6.0.0. | |||||
CVE-2025-47559 | 2025-06-17 | N/A | 9.9 CRITICAL | ||
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a Web Shell to a Web Server. This issue affects MapSVG: from n/a through 8.5.32. | |||||
CVE-2025-47452 | 2025-06-17 | N/A | 9.9 CRITICAL | ||
Unrestricted Upload of File with Dangerous Type vulnerability in RexTheme WP VR allows Upload a Web Shell to a Web Server. This issue affects WP VR: from n/a through 8.5.26. | |||||
CVE-2025-32510 | 2025-06-17 | N/A | 10.0 CRITICAL | ||
Unrestricted Upload of File with Dangerous Type vulnerability in ovatheme Ovatheme Events Manager allows Using Malicious Files. This issue affects Ovatheme Events Manager: from n/a through 1.7.5. |