CWE-434 (Unrestricted Upload of File with Dangerous Type) — Vulnerability Class 2016

2016 vulnerabilities classified as CWE-434 (Unrestricted Upload of File with Dangerous Type). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2009-20011 | ContentKeeper Web Appliance < 125.10 RCE via mimencode — ContentKeeper Web Appliance | 9.8 | - | 2025-08-30 |
| CVE-2025-54944 | SUNNET Corporate Training Management System - Unrestricted Upload of File with Dangerous Type — Corporate Training Management System | 8.8 | - | 2025-08-30 |
| CVE-2025-58159 | WeGIA Authenticated Arbitrary File Upload Leading To Remote Code Execution (RCE) — WeGIA | 10.0 | Critical | 2025-08-29 |
| CVE-2024-13342 | Booster for WooCommerce <= 7.2.4 - Unauthenticated Double Extension Arbitrary File Upload — Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools | 8.1 | High | 2025-08-29 |
| CVE-2025-58048 | Paymenter Vulnerable to Remote Code Execution via Public File Uploads — Paymenter | 10.0 | Critical | 2025-08-28 |
| CVE-2025-31979 | A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix Service Management (SM) — BigFix Service Management (SM) | 5.4 | Medium | 2025-08-28 |
| CVE-2024-13986 | Nagios XI < 2024R1.3.2 Authenticated Arbitrary File Upload Path Traversal RCE — Nagios XI | 8.8 (AI) | High (AI) | 2025-08-28 |
| CVE-2025-49387 | WordPress Drag and Drop File Upload for Elementor Forms Plugin <= 1.5.3 - Arbitrary File Upload Vulnerability — Drag and Drop File Upload for Elementor Forms | 10.0 | Critical | 2025-08-28 |
| CVE-2025-54762 | DOS & CO SS1 code issue vulnerability — SS1 | 9.8 | - | 2025-08-28 |
| CVE-2025-53970 | DOS & CO SS1 code issue vulnerability — SS1 | 9.8 | - | 2025-08-28 |
| CVE-2024-9648 | WP ULike Pro <= 1.9.3 - Unauthenticated Limited Arbitrary File Upload — WP ULike Pro | 6.1 | Medium | 2025-08-28 |
| CVE-2024-13981 | LiveBos UploadFile.do Arbitrary File Upload — LiveBOS | 9.8 (AI) | Critical (AI) | 2025-08-27 |
| CVE-2025-34163 | Dongsheng Logistics Software Unauthenticated Arbitrary File Upload — Dongsheng Logistics Software | 9.8 (AI) | Critical (AI) | 2025-08-27 |
| CVE-2023-7309 | Dahua Smart Park Integrated Management Platform Front-End Arbitrary File Upload — Smart Park Integrated Management Platform | 9.8 (AI) | Critical (AI) | 2025-08-27 |
| CVE-2025-9476 | SourceCodester Human Resource Information System editemployee_process.php unrestricted upload — Human Resource Information System | 7.3 | High | 2025-08-26 |
| CVE-2025-9475 | SourceCodester Human Resource Information System editemployee_process.php unrestricted upload — Human Resource Information System | 7.3 | High | 2025-08-26 |
| CVE-2025-9415 | GreenCMS index.php unrestricted upload — GreenCMS | 6.3 | Medium | 2025-08-25 |
| CVE-2025-53119 | Securden Unified PAM Unauthenticated Unrestricted File Upload — Unified PAM | 7.5 | High | 2025-08-25 |
| CVE-2025-9406 | xuhuisheng lemon CmsArticleController.java uploadImage unrestricted upload — lemon | 6.3 | Medium | 2025-08-25 |
| CVE-2025-9400 | YiFang CMS P_file.php mergeMultipartUpload unrestricted upload — CMS | 6.3 | Medium | 2025-08-25 |
| CVE-2025-9397 | givanz Vvveb media.php unrestricted upload — Vvveb | 6.3 | Medium | 2025-08-24 |
| CVE-2025-36174 | IBM Integrated Analytics System file upload — Integrated Analytics System | 8.0 | High | 2025-08-24 |
| CVE-2025-43766 | Liferay Portal and Liferay DXP code issue vulnerability — Portal | 9.8 (AI) | Critical (AI) | 2025-08-23 |
| CVE-2025-26498 | Salesforce Tableau Server security vulnerability — Tableau Server | 8.1 (AI) | High (AI) | 2025-08-22 |
| CVE-2025-26497 | Salesforce Tableau Server security vulnerability — Tableau Server | 8.1 (AI) | High (AI) | 2025-08-22 |
| CVE-2025-54460 | AVEVA PI Integrator Unrestricted Upload of File with Dangerous Type — PI Integrator | 7.1 | High | 2025-08-21 |
| CVE-2025-24489 | INFINITT Healthcare INFINITT PACS Unrestricted Upload of File with Dangerous Type — INFINITT PACS System Manager | 6.3 | Medium | 2025-08-21 |
| CVE-2025-27714 | INFINITT Healthcare INFINITT PACS Unrestricted Upload of File with Dangerous Type — INFINITT PACS System Manager | 6.3 | Medium | 2025-08-21 |
| CVE-2025-55743 | UnoPim vulnerable to remote code execution through Arbitrary File upload — unopim | 8.1 (AI) | High (AI) | 2025-08-21 |
| CVE-2025-53251 | WordPress Pin WP theme < 7.2 - Arbitrary File Upload Vulnerability — Pin WP | 9.9 | Critical | 2025-08-21 |

2016 CVEs are classified as CWE-434 (Unrestricted Upload of File with Dangerous Type). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.