Vulnerabilities (CVE)

Filtered by CWE-434
Total 4088 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-3042 1 Projectworlds 1 Online Time Table Generator 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. This vulnerability affects unknown code of the file /student/updateprofile.php. The manipulation of the argument pic leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-3041 1 Projectworlds 1 Online Time Table Generator 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /admin/updatestudent.php. The manipulation of the argument pic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-3040 1 Projectworlds 1 Online Time Table Generator 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_student.php. The manipulation of the argument pic leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-39557 2026-06-17 N/A 9.1 CRITICAL
Unrestricted Upload of File with Dangerous Type vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer allows Upload a Web Shell to a Web Server.This issue affects Kadence WooCommerce Email Designer: from n/a through <= 1.5.14.
CVE-2025-39538 2026-06-17 N/A 6.6 MEDIUM
Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through <= 3.3.9.4.
CVE-2025-39436 2026-06-17 N/A 9.1 CRITICAL
Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw idraw allows Using Malicious Files.This issue affects I Draw: from n/a through <= 1.0.
CVE-2025-39402 2026-06-17 N/A 9.9 CRITICAL
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023).
CVE-2025-39401 2026-06-17 N/A 10.0 CRITICAL
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023).
CVE-2025-39380 2026-06-17 N/A 10.0 CRITICAL
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System hospital-management allows Upload a Web Shell to a Web Server.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023).
CVE-2025-37175 1 Arubanetworks 1 Arubaos 2026-06-17 N/A 7.2 HIGH
Arbitrary file upload vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files as a privilege user and execute arbitrary commands on the underlying operating system.
CVE-2025-37132 1 Arubanetworks 1 Arubaos 2026-06-17 N/A 7.2 HIGH
An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the underlying operating system.
CVE-2025-36519 2026-06-17 N/A 4.3 MEDIUM
Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2, WRC-1167GST2, WRC-2533GST2, WRC-2533GS2V-B,WRC-2533GS2-B v1.69 and earlier, WRC-2533GS2-W, WRC-1167GST2, WRC-1167GS2-B, and WRC-1167GS2H-B. If a specially crafted file is uploaded by a remote authenticated attacker, arbitrary code may be executed on the product.
CVE-2025-36183 1 Ibm 1 Watsonx.data 2026-06-17 N/A 3.8 LOW
IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files or data.
CVE-2025-36174 1 Ibm 1 Integrated Analytics System 2026-06-17 N/A 8.0 HIGH
IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened.
CVE-2025-36074 1 Ibm 1 Security Verify Directory 2026-06-17 N/A 5.5 MEDIUM
IBM Security Verify Directory (Container) 10.0.0 through 10.0.0.3 IBM Security Verify Directory could be vulnerable to malicious file upload by not validating file type. A privileged user could upload malicious files into the system that can be sent to victims for performing further attacks against the system.
CVE-2025-35055 1 Newforma 1 Project Center 2026-06-17 N/A 8.8 HIGH
Newforma Info Exchange (NIX) '/UserWeb/Common/UploadBlueimp.ashx' allows an authenticated attacker to upload an arbitrary file to any location writable by the NIX application. An attacker can upload and run a web shell or other content executable by the web server. An attacker can also delete directories. In Newforma before 2023.1, anonymous access is enabled by default (CVE-2025-35062), allowing an otherwise unauthenticated attacker to effectively authenticate as 'anonymous' and exploit this file upload vulnerability.
CVE-2025-35032 1 Mieweb 1 Enterprise Health 2026-06-17 N/A 3.4 LOW
Medical Informatics Engineering Enterprise Health allows authenticated users to upload arbitrary files. The impact of this behavior depends on how files are accessed. This issue is fixed as of 2025-04-08.
CVE-2025-34511 1 Sitecore 4 Experience Commerce, Experience Manager, Experience Platform and 1 more 2026-06-17 N/A 8.8 HIGH
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution.
CVE-2025-34506 1 Wbce 1 Wbce Cms 2026-06-17 N/A 8.8 HIGH
WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules. Attackers can craft a specially designed ZIP module with embedded PHP reverse shell code to gain remote system access when the module is installed.
CVE-2025-34336 2026-06-17 N/A N/A
eGovFramework/egovframe-common-components versions up to and including 4.3.1 contain an unauthenticated file upload vulnerability via the /utl/wed/insertImage.do and /utl/wed/insertImageCk.do image upload endpoints. These controllers accept multipart requests without authentication, pass the uploaded content to a shared upload helper, and store the file on the server under a framework-controlled path. The framework then returns a download URL that can be used to retrieve the uploaded content, including an attacker-controlled Content-Type within the limits of the image upload functionality. While a filename extension whitelist is enforced, the attacker fully controls the file contents. The response MIME type used is also attacker-controlled when the file is served up to version < 4.1.2. Since version 4.1.2, it is possible to download any image uploaded with any whitelisted content type. But any file uploaded other than an image will be served with the `application/octet-stream` content type (the content type is no longer controlled by the attacker since version 4.1.2). This enables an unauthenticated attacker to use any affected application as a persistent file hosting service for arbitrary content under the application's origin. KISA/KrCERT has identified this unpatched vulnerability as "KVE-2023-5280."