CWE-434: Unrestricted Upload of File with Dangerous Type
3,976 active CVEs are classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-434 (page 78 of 80)
- CVE-2026-2701 | CRITICAL | CVSS 9.1 | EG 9.1 | 2026-04-02
  An authenticated user can upload a malicious file to the server and execute it, leading to remote code execution.
- CVE-2026-27043 | HIGH | CVSS 7.2 | EG 7.2 | 2026-03-19
  Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGoods Photography allows Path Traversal. This issue affects Photography: from n/a before 7.7.6.
- CVE-2026-27067 | CRITICAL | CVSS 9.1 | EG 9.1 | 2026-03-19
  Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor mobile-app-editor allows Upload a Web Shell to a Web Server. This issue affects Mobile App Editor: from n/a through <= 1.3.1.
- CVE-2026-2743 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-03-05
  Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before.
- CVE-2026-27540 | CRITICAL | CVSS 9.0 | EG 9.0 | 2026-03-19
  Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture woocommerce-wholesale-lead-capture allows Using Malicious Files. This issue affects Woocommerce Wholesale Lead Captur…
- CVE-2026-27891 | HIGH | CVSS 7.2 | EG 7.2 | 2026-05-18
  FacturaScripts is an open source accounting and invoicing software. Versions 2026 and below contain a critical vulnerability in the Plugins::add() function. The system fails to properly validate the file paths within uploaded ZIP archives.…
- CVE-2026-28114 | CRITICAL | CVSS 9.1 | EG 9.1 | 2026-03-05
  Unrestricted Upload of File with Dangerous Type vulnerability in firassaidi WooCommerce License Manager fs-license-manager allows Upload a Web Shell to a Web Server. This issue affects WooCommerce License Manager: from n/a through <= 7.0.6.
- CVE-2026-28133 | HIGH | CVSS 8.5 | EG 8.1 | 2026-03-05
  Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection allows Upload a Web Shell to a Web Server. This issue affects Filr: from n/a through <= 1.2.14.
- CVE-2026-2942 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-04-08
  The ProSolution WP Client plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'proSol_fileUploadProcess' function in all versions up to, and including, 1.9.9. This makes it possible for u…
- CVE-2026-2976 | MEDIUM | CVSS 4.3 | EG 4.3 | 2026-02-23
  A weakness has been identified in FastApiAdmin up to 2.2.0. Affected by this issue is the function download_controller of the file /backend/app/api/v1/module_common/file/controller.py of the component Download Endpoint. This manipulation o…
- CVE-2026-3025 | HIGH | CVSS 7.3 | EG 7.3 | 2026-02-23
  A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by this vulnerability is an unknown functionality of the file /MP/Service/Webservice/ExampleNodeService.asmx. Executing a manipulation of the arg…
- CVE-2026-30280 | MEDIUM | CVSS 5.3 | EG 5.3 | 2026-03-31
  An arbitrary file overwrite vulnerability in RAREPROB SOLUTIONS PRIVATE LIMITED Video player Play All Videos v1.0.135 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or …
- CVE-2026-30761 | HIGH | CVSS 7.3 | EG 7.3 | 2026-05-28
  An arbitrary file upload vulnerability in the pages/admin.uploadmapimg.php component of SourceBans Material Admin v1.1.6 allows attackers to execute arbitrary code via uploading a crafted image file.
- CVE-2026-30804 | HIGH | CVSS 7.2 | EG 7.2 | 2026-04-13
  Unrestricted Upload of File with Dangerous Type vulnerability allows Remote Code Execution via file upload. This issue affects Pandora FMS: from 777 through 800.
- CVE-2026-3187 | MEDIUM | CVSS 6.3 | EG 6.3 | 2026-02-25
  A vulnerability was identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. Affected by this issue is some unknown functionality of the file /api/admin/sys-file/upload of the component API Endpoint. Such manipulation leads to unrestric…
- CVE-2026-3219 | MEDIUM | CVSS 4.6 | EG 4.6 | 2026-04-20
  pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as installing "incorrect" files according to t…
- CVE-2026-32482 | CRITICAL | CVSS 9.9 | EG 9.9 | 2026-03-25
  Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload a Web Shell to a Web Server. This issue affects Ona: from n/a through < 1.24.
- CVE-2026-32523 | CRITICAL | CVSS 9.9 | EG 9.9 | 2026-03-25
  Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files. This issue affects WPJAM Basic: from n/a through <= 6.9.2.
- CVE-2026-32524 | CRITICAL | CVSS 9.1 | EG 9.1 | 2026-03-25
  Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server. This issue affects Photo Engine: from n/a through <= 6.4.9.
- CVE-2026-32536 | CRITICAL | CVSS 9.9 | EG 9.9 | 2026-03-25
  Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files. This issue affects Green Downloads: from n/a through <= 2.08.
- CVE-2026-32931 | HIGH | CVSS 7.5 | EG 7.5 | 2026-04-10
  Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload a PHP webshell by spoofing the Content-…
- CVE-2026-32985 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-03-20
  Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import functionality that allows remote attackers to execute arbitrary code by uploading a crafted ZIP archive c…
- CVE-2026-33273 | HIGH | CVSS 7.2 | EG 4.7 | 2026-04-08
  Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbitrary file may be created by an administrator of the product. As a result, arbitrary code may be e…
- CVE-2026-33435 | HIGH | CVSS 8.0 | EG 8.0 | 2026-04-15
  Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which could lead to remote code execution under certain circumstances. This issue has been fixed in…
- CVE-2026-33704 | HIGH | CVSS 7.1 | EG 7.1 | 2026-04-10
  Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user (including students) can write arbitrary content to files on the server via the BigUpload endpoint. The key parameter controls the filename and the raw P…
- CVE-2026-3459 | HIGH | CVSS 8.1 | EG 8.1 | 2026-03-05
  The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'dnd_upload_cf7_upload' function in versions up to, and including, 1.3.7.3…
- CVE-2026-34735 | HIGH | CVSS 8.7 | EG 8.7 | 2026-04-02
  The Hytale Modding Wiki is a free service for Hytale mods to host their documentation & wikis. In version 1.2.0 and prior, the quickUpload() endpoint validates uploaded files by checking their MIME type (via PHP's finfo, which inspects fil…
- CVE-2026-35047 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-04-06
  Brave CMS is an open-source CMS. Prior to 2.0.6, an Unrestricted File Upload vulnerability in the CKEditor endpoint allows attackers to upload arbitrary files, including executable scripts. This may lead to Remote Code Execution (RCE) on t…
- CVE-2026-35164 | HIGH | CVSS 8.8 | EG 8.8 | 2026-04-06
  Brave CMS is an open-source CMS. Prior to 2.0.6, an unrestricted file upload vulnerability exists in the CKEditor upload functionality. It is found in app/Http/Controllers/Dashboard/CkEditorController.php within the ckupload method. The me…
- CVE-2026-35174 | CRITICAL | CVSS 9.1 | EG 9.1 | 2026-04-06
  Chyrp Lite is an ultra-lightweight blogging engine. Prior to 2026.01, a path traversal vulnerability exists in the administration console that allows an administrator or a user with Change Settings permission to change the uploads path to …
- CVE-2026-3533 | HIGH | CVSS 8.8 | EG 8.8 | 2026-03-24
  The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on import_popup_templates() function as well as insufficient file type validation in the upload_files() function in all versions up …
- CVE-2026-3535 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-04-08
  The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the `DSGVOGWPdownloadGoogleFonts()` function in all versions up to, and including, 1.1. The function is expo…
- CVE-2026-35573 | CRITICAL | CVSS 9.1 | EG 9.1 | 2026-04-07
  ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code executio…
- CVE-2026-36387 | MEDIUM | CVSS 6.5 | EG 6.5 | 2026-05-07
  A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add_members.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malic…
- CVE-2026-37430 | HIGH | CVSS 7.3 | EG 7.3 | 2026-05-13
  An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file.
- CVE-2026-3748 | MEDIUM | CVSS 6.3 | EG 6.3 | 2026-03-08
  A security flaw has been discovered in Bytedesk up to 1.3.9. This affects the function uploadFile of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestController.java of the component SVG File Handler. Performing a mani…
- CVE-2026-3749 | MEDIUM | CVSS 6.3 | EG 6.3 | 2026-03-08
  A weakness has been identified in Bytedesk up to 1.3.9. This vulnerability affects the function handleFileUpload of the file source-code/src/main/java/com/bytedesk/core/upload/UploadRestService.java of the component SVG File Handler. Execu…
- CVE-2026-37748 | HIGH | CVSS 7.2 | EG 7.2 | 2026-04-21
  Visitor Management System 1.0 by sanjay1313 is vulnerable to Unrestricted File Upload in vms/php/admin_user_insert.php and vms/php/update_1.php. The move_uploaded_file() function is called without any MIME type, extension, or content valid…
- CVE-2026-3797 | MEDIUM | CVSS 6.3 | EG 6.3 | 2026-03-09
  A security vulnerability has been detected in Tiandy Video Surveillance System 视频监控平台 7.17.0. The impacted element is the function uploadFile of the file /src/com/tiandy/easy7/core/rest/CLS_REST_File.java. The manipulation of t…
- CVE-2026-3800 | MEDIUM | CVSS 6.3 | EG 6.3 | 2026-03-09
  A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. Affected is the function doInsert of the file /controller.php?action=add. Such manipulation of the argument image leads to unrestricted upload. The atta…
- CVE-2026-3844 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-04-23
  The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fetch_gravatar_from_remote' function in all versions up to, and including, 2.4.4. This makes it possible for unauthen…
- CVE-2026-38526 | CRITICAL | CVSS 9.9 | EG 9.9 | 2026-04-14
  An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x allows attackers to execute arbitrary code via uploading a crafted PHP file.
- CVE-2026-38751 | HIGH | CVSS 7.2 | EG 7.2 | 2026-05-04
  OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality (modules/aggiornamenti/upload_modules.php).
- CVE-2026-3891 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-03-13
  The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lkn_pix_for_woocommerce_c6_save_settings' function in all versions up to, and inc…
- CVE-2026-38991 | HIGH | CVSS 8.8 | EG 8.8 | 2026-04-29
  Cockpit 2.13.5 and earlier is affected by a misconfiguration within the Bucket component _isFileTypeAllowed function where a specially crafted filename bypasses an extension filter. This allows an authenticated attacker to rename arbitrary…
- CVE-2026-39292 | HIGH | CVSS 7.3 | EG 7.3 | 2026-05-29
  Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exi…
- CVE-2026-40040 | HIGH | CVSS 8.8 | EG 8.8 | 2026-04-13
  Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering to the /uploadfile endpoint. Attackers can upload executable files …
- CVE-2026-40262 | HIGH | CVSS 8.7 | EG 8.7 | 2026-04-17
  Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset delivery handler serves uploaded files inline and relies on magic-byte detection for content type, which does not identify text-based formats such…
- CVE-2026-40412 | CRITICAL | CVSS 10.0 | EG 10.0 | 2026-05-26
  Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.
- CVE-2026-40484 | CRITICAL | CVSS 9.1 | EG 9.1 | 2026-04-18
  ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document roo…
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.