Search Results (4150 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-10036 1 Projectpier 1 Projectpier 2026-04-15 N/A
Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/upload_file.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. The uploaded file is stored with a predictable suffix and can be executed by requesting its URL, resulting in remote code execution.
CVE-2024-7074 2026-04-15 6.8 Medium
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location on the server. By leveraging this vulnerability, an attacker could upload a specially crafted payload, potentially achieving remote code execution (RCE) on the server. Exploitation requires valid admin credentials, limiting its impact to authorized but potentially malicious users.
CVE-2024-3803 2026-04-15 6.3 Medium
A vulnerability classified as critical was found in Vesystem Cloud Desktop up to 20240408. This vulnerability affects unknown code of the file /Public/webuploader/0.1.5/server/fileupload.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260776. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-31339 2026-04-15 N/A
An unrestricted upload of file with dangerous type vulnerability in the course management function of Wisdom Master Pro versions 5.0 through 5.2 allows remote authenticated users to craft a malicious file.
CVE-2025-10009 1 Invoiceninja 1 Invoice Ninja 2026-04-15 N/A
Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja <= 5.11.72 allows attackers with admin credentials to execute arbitrary code on the server via uploaded .php files.
CVE-2024-28520 2026-04-15 6.5 Medium
File Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an attacker to obtain sensitive information via the uploadfile.php component.
CVE-2025-13827 1 Mautic 1 Mautic 2026-04-15 N/A
Summary Arbitrary files can be uploaded via the GrapesJS Builder, as the types of files that can be uploaded are not restricted. ImpactIf the media folder is not restricted from running files this can lead to a remote code execution.
CVE-2024-31453 1 Psi-4ward 1 Psitransfer 2026-04-15 6.5 Medium
PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which allows users to create a path for uploading a file in a file distribution, allows an attacker to add arbitrary files to the distribution. The vulnerability allows an attacker to influence those users who come to the file distribution after them and slip the victim files with a malicious or phishing signature. Version 2.2.0 contains a patch for the issue. CVE-2024-31453 allows users to violate the integrity of a file bucket and upload new files there, while the vulnerability with the number CVE-2024-31454 allows users to violate the integrity of a single file that is uploaded by another user by writing data there and not allows you to upload new files to the bucket. Thus, vulnerabilities are reproduced differently, require different security recommendations and affect different objects of the application’s business logic.
CVE-2024-31454 1 Psi-4ward 1 Psitransfer 2026-04-15 6.5 Medium
PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.2.0, the absence of restrictions on the endpoint, which is designed for uploading files, allows an attacker who received the id of a file distribution to change the files that are in this distribution. The vulnerability allows an attacker to influence those users who come to the file distribution after them and slip the victim files with a malicious or phishing signature. Version 2.2.0 contains a patch for this issue. CVE-2024-31454 allows users to violate the integrity of a file that is uploaded by another user. In this case, additional files are not loaded into the file bucket. Violation of integrity at the level of individual files. While the vulnerability with the number CVE-2024-31453 allows users to violate the integrity of a file bucket without violating the integrity of files uploaded by other users. Thus, vulnerabilities are reproduced differently, require different security recommendations and affect different objects of the application’s business logic.
CVE-2021-41646 1 Janobe 1 Online Reviewer System 2026-04-14 9.8 Critical
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters..
CVE-2025-67260 2 Aster, Aster-te 6 Tkservercgi, Tkwebcoreng, Tpkwebgis Client and 3 more 2026-04-14 8.8 High
The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable components include Terrapack TkWebCoreNG:: 1.0.20200914, Terrapack TKServerCGI 2.5.4.150, and Terrapack TpkWebGIS Client 1.0.0.
CVE-2017-20224 1 Telesquare 2 Sdt-cs3b1, Sdt-cs3b1 Firmware 2026-04-14 9.8 Critical
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods to upload executable code, delete files, or manipulate server content for remote code execution or denial of service.
CVE-2026-35174 2 Chyrplite, Xenocrat Project 2 Chyrp Lite, Chyrp-lite 2026-04-14 9.1 Critical
Chyrp Lite is an ultra-lightweight blogging engine. Prior to 2026.01, a path traversal vulnerability exists in the administration console that allows an administrator or a user with Change Settings permission to change the uploads path to any folder. This vulnerability allows the user to download any file on the server, including config.json.php with database credentials and overwrite critical system files, leading to remote code execution. This vulnerability is fixed in 2026.01.
CVE-2025-64759 2 Homarr, Homarr-labs 2 Homarr, Homarr 2026-04-14 8.1 High
Homarr is an open-source dashboard. Prior to version 1.43.3, stored XSS vulnerability exists, allowing the execution of arbitrary JavaScript in a user's browser, with minimal or no user interaction required, due to the rendering of a malicious uploaded SVG file. This could be abused to add an attacker's account to the "credentials-admin" group, giving them full administrative access, if a user logged in as an administrator was to view the page which renders or redirects to the SVG. This issue has been patched in version 1.43.3.
CVE-2026-35047 1 Ajax30 2 Bravecms, Bravecms-2.0 2026-04-13 9.8 Critical
Brave CMS is an open-source CMS. Prior to 2.0.6, an Unrestricted File Upload vulnerability in the CKEditor endpoint allows attackers to upload arbitrary files, including executable scripts. This may lead to Remote Code Execution (RCE) on the server, potentially resulting in full system compromise, data exfiltration, or service disruption. All users running affected versions of BraveCMS are impacted. This vulnerability is fixed in 2.0.6.
CVE-2026-35573 1 Churchcrm 1 Churchcrm 2026-04-13 9.1 Critical
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The vulnerability exists in src/ChurchCRM/Backup/RestoreJob.php. The $rawUploadedFile['name'] parameter is user-controlled and allows uploading files with arbitrary names to /var/www/html/tmp_attach/ChurchCRMBackups/. This vulnerability is fixed in 6.5.3.
CVE-2025-59710 2 Biztalk360, Kovai 2 Biztalk360, Biztalk360 2026-04-10 8.8 High
An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the server.
CVE-2025-3783 1 Senior-walter 1 Web-based Pharmacy Product Management System 2026-04-09 6.3 Medium
A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-product.php. The manipulation of the argument Avatar leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2026-3535 2 Mlfactory, Wordpress 2 Dsgvo Google Web Fonts Gdpr, Wordpress 2026-04-08 9.8 Critical
The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the `DSGVOGWPdownloadGoogleFonts()` function in all versions up to, and including, 1.1. The function is exposed via a `wp_ajax_nopriv_` hook, requiring no authentication. It fetches a user-supplied URL as a CSS file, extracts URLs from its content, and downloads those files to a publicly accessible directory without validating the file type. This makes it possible for unauthenticated attackers to upload arbitrary files including PHP webshells, leading to remote code execution. The exploit requires the site to use one of a handful of specific themes (twentyfifteen, twentyseventeen, twentysixteen, storefront, salient, or shapely).
CVE-2026-4808 2 Tidevapps, Wordpress 2 Gerador De Certificados – Devapps, Wordpress 2026-04-08 7.2 High
The Gerador de Certificados – DevApps plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the moveUploadedFile() function in all versions up to, and including, 1.3.6. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.