Search Results (4279 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-53119 1 Securden 1 Unified Pam 2026-04-15 7.5 High
An unauthenticated unrestricted file upload vulnerability allows an attacker to upload malicious binaries and scripts to the server.
CVE-2025-5873 2026-04-15 6.3 Medium
A vulnerability was detected in eCharge Hardy Barth Salia PLCC up to 2.3.81. Affected by this issue is some unknown functionality of the file /firmware.php of the component Web UI. Performing a manipulation of the argument media results in unrestricted upload. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-15067 2026-04-15 7.7 High
Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a Web Shell to a Web Server.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed (ex: innorix/exam)
CVE-2024-9698 1 Wordpress 1 Wordpress 2026-04-15 7.2 High
The Crafthemes Demo Import plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'process_uploaded_files' function in all versions up to, and including, 3.3. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2025-61768 1 Kuno 1 Kuno Cms 2026-04-15 N/A
KUNO CMS is a fully deployable full-stack blog application. In versions prior to 1.3.15, an SSRF (Server-Side Request Forgery) vulnerability exists in the Media module of the Kuno CMS administrative panel. A logged-in administrator can upload a specially crafted SVG file containing an external image reference, causing the server to initiate an outgoing connection to an arbitrary external URL. This can lead to information disclosure or internal network probing. Version 1.3.15 contains a fix for the issue.
CVE-2025-55135 1 Agora Foundation 1 Agora 2026-04-15 6.4 Medium
In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats other than PNG, JPEG, and WEBP are permitted by server/routes/userRoutes.js; this includes SVG.
CVE-2024-55078 2026-04-15 9.8 Critical
An arbitrary file upload vulnerability in the component /adminUser/updateImg of WukongCRM-11.0-JAVA v11.3.3 allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2024-12854 2026-04-15 8.8 High
The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts 'ggpkg' files that have been uploaded in all versions up to, and including, 2.3.0. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2024-24809 1 Traccar 1 Traccar 2026-04-15 8.5 High
Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account and exploit this vulnerability to upload files with the prefix `device.` under any folder. Attackers can use this vulnerability for phishing, cross-site scripting attacks, and potentially execute arbitrary commands on the server. Version 6.0 contains a patch for the issue.
CVE-2025-69828 1 Tms 1 Management Console 2026-04-15 10 Critical
File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit
CVE-2025-34336 1 Egovframework 1 Egovframe-common-components 2026-04-15 N/A
eGovFramework/egovframe-common-components versions up to and including 4.3.1 contain an unauthenticated file upload vulnerability via the /utl/wed/insertImage.do and /utl/wed/insertImageCk.do image upload endpoints. These controllers accept multipart requests without authentication, pass the uploaded content to a shared upload helper, and store the file on the server under a framework-controlled path. The framework then returns a download URL that can be used to retrieve the uploaded content, including an attacker-controlled Content-Type within the limits of the image upload functionality. While a filename extension whitelist is enforced, the attacker fully controls the file contents. The response MIME type used is also attacker-controlled when the file is served up to version < 4.1.2. Since version 4.1.2, it is possible to download any image uploaded with any whitelisted content type. But any file uploaded other than an image will be served with the `application/octet-stream` content type (the content type is no longer controlled by the attacker since version 4.1.2). This enables an unauthenticated attacker to use any affected application as a persistent file hosting service for arbitrary content under the application's origin. KISA/KrCERT has identified this unpatched vulnerability as "KVE-2023-5280."
CVE-2025-4768 2026-04-15 6.3 Medium
A vulnerability classified as critical has been found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. This affects the function uploadPicture of the file PictureServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.
CVE-2025-54071 1 Rommapp 1 Romm 2026-04-15 N/A
RomM (ROM Manager) allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. In versions 4.0.0-beta.3 and below, an authenticated arbitrary file write vulnerability exists in the /api/saves endpoint. This can lead to Remote Code Execution on the system. The vulnerability permits arbitrary file write operations, allowing attackers to create or modify files at any filesystem location with user-supplied content. A user with viewer role or Scope.ASSETS_WRITE permission or above is required to pass authentication checks. The vulnerability is fixed in version 4.0.0-beta.4.
CVE-2024-51366 1 Omegat 1 Omegat 2026-04-15 9.8 Critical
An arbitrary file upload vulnerability in the component \Roaming\Omega of OmegaT v6.0.1 allows attackers to execute arbitrary code via uploading a crafted .conf file.
CVE-2024-9648 2026-04-15 6.1 Medium
The WP ULike Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the WP_Ulike_Pro_File_Uploader class in all versions up to, and including, 1.9.3. This makes it possible for unauthenticated attackers to upload limited arbitrary files like .php2, .php6, .php7, .phps, .pht, .phtm, .pgif, .shtml, .phar, .inc, .hphp, .ctp, .module, .html, .svg on the affected site's server which may make make other attacks like Cross-Site Scripting possible. Only versions up to 1.8.7 were confirmed vulnerable, however, the earliest tested version for a patch we have access to is 1.9.4, so we are considering 1.9.4 the patched version.
CVE-2025-46616 1 Quantum 1 Stornext 2026-04-15 9.9 Critical
Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE) via upload of a file. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.
CVE-2025-62065 1 Wordpress 1 Wordpress 2026-04-15 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Rometheme RTMKit rometheme-for-elementor.This issue affects RTMKit: from n/a through <= 1.6.5.
CVE-2025-67968 2 Inspirythemes, Wordpress 2 Realhomes, Wordpress 2026-04-15 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in InspiryThemes Real Homes CRM realhomes-crm allows Using Malicious Files.This issue affects Real Homes CRM: from n/a through <= 1.0.0.
CVE-2024-48781 1 Wanxingtechnology 1 Yitu Project Management Kirin Edition 2026-04-15 9.8 Critical
An issue in Wanxing Technology Yitu Project Management Kirin Edition 2.3.6 allows a remote attacker to execute arbitrary code via a specially constructed so file/opt/EdrawProj-2/plugins/imageformat.
CVE-2024-34021 1 Elecom 4 Wrc-2533gs2-b Firmware, Wrc-2533gs2-w Firmware, Wrc-2533gs2v-b Firmware and 1 more 2026-04-15 6.8 Medium
Unrestricted upload of file with dangerous type vulnerability exists in ELECOM wireless LAN routers. A specially crafted file may be uploaded to the affected product by a logged-in user with an administrative privilege, resulting in an arbitrary OS command execution.