Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-434 (危险类型文件的不加限制上传) — Vulnerability Class 2017

2017 vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2012-10049 WebPageTest Arbitrary PHP File Upload RCE — WebPageTest 9.8 -2025-08-08
CVE-2012-10042 Sflog! CMS 1.0 Arbitrary File Upload RCE — Sflog! CMS 8.8 -2025-08-08
CVE-2012-10036 Project Pier <= 0.8.8 Arbitrary File Upload RCE — ProjectPier 9.8 -2025-08-08
CVE-2012-10044 MobileCartly 1.0 savepage.php Arbitrary File Creation — MobileCartly 9.8 -2025-08-08
CVE-2012-10052 EGallery 1.2 Arbitrary PHP File Upload — EGallery 9.8 -2025-08-08
CVE-2012-10050 CuteFlow <= 2.11.2 Arbitrary File Upload RCE — CuteFlow 9.8 -2025-08-08
CVE-2025-55135 agora 代码问题漏洞 — Agora 6.4 Medium2025-08-07
CVE-2025-22470 SATO CL4/6NX Plus和SATO CL4/6NX-J Plus 代码问题漏洞 — CL4/6NX Plus 9.8AICriticalAI2025-08-06
CVE-2012-10027 WordPress Plugin WP-Property <= 1.35.0 PHP File Upload — WordPress Plugin 9.8AICriticalAI2025-08-05
CVE-2012-10026 WordPress Plugin Asset-Manager <= 2.0 PHP File Upload — Wordpress Plugin 9.8AICriticalAI2025-08-05
CVE-2013-10066 Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload — EDMS 9.8AICriticalAI2025-08-05
CVE-2013-10067 Glossword 1.8.8 - 1.8.12 Arbitrary File Upload RCE — Glossword 7.2AIHighAI2025-08-05
CVE-2012-10030 FreeFloat FTP Server Arbitrary File Upload — FTP Server 9.8AICriticalAI2025-08-05
CVE-2014-125113 Dell/Quest KACE K1000 Unauthenticated File Upload RCE — KACE K1000 Systems Management Appliance 9.8AICriticalAI2025-08-05
CVE-2025-5061 WP Import Export Lite <= 3.9.29 - Authenticated (Subscriber+) Arbitrary File Upload — WP Import Export Lite 7.5 High2025-08-05
CVE-2025-6207 WP Import Export Lite <= 3.9.28 - Authenticated (Subscriber+) Arbitrary File Upload — WP Import Export Lite 7.5 High2025-08-05
CVE-2025-8526 Exrick xboot UploadController.java upload unrestricted upload — xboot 6.3 Medium2025-08-04
CVE-2013-10054 LibrettoCMS File Manager Arbitrary File Upload — LibrettoCMS 9.8AICriticalAI2025-08-04
CVE-2025-54962 OpenPLC Runtime version 3 代码问题漏洞 — OpenPLC_v3 6.4 Medium2025-08-04
CVE-2025-8504 code-projects Kitchen Treasure userregistration.php unrestricted upload — Kitchen Treasure 6.3 Medium2025-08-03
CVE-2013-10047 MiniWeb <= Build 300 Arbitrary File Upload — MiniWeb 9.8 -2025-08-01
CVE-2013-10055 Havalite CMS Arbitary File Upload RCE — Havalite CMS 9.8 -2025-08-01
CVE-2025-7443 BerqWP <= 2.2.42 - Unauthenticated Arbitrary File Upload — BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript 8.1 High2025-08-01
CVE-2014-125126 Simple E-Document Arbitrary File Upload RCE — Simple E-Document 9.8AICriticalAI2025-07-31
CVE-2013-10034 Kaseya < 6.3.0.2 uploadImage.asp Arbitrary File Upload RCE — KServer 9.8AICriticalAI2025-07-31
CVE-2013-10038 FlashChat Arbitrary File Upload RCE — FlashChat 9.8AICriticalAI2025-07-31
CVE-2013-10040 ClipBucket <= 2.6 ofc_upload_image.php Arbitrary File Upload RCE — ClipBucket 9.8AICriticalAI2025-07-31
CVE-2025-8379 Campcodes Online Hotel Reservation System edit_room.php unrestricted upload — Online Hotel Reservation System 4.7 Medium2025-07-31
CVE-2025-54757 Alfasado PowerCMS 代码问题漏洞 — PowerCMS 6.5 Medium2025-07-31
CVE-2025-7847 AI Engine 2.9.3 - 2.9.4 - Authenticated (Subscriber+) Arbitrary File Upload — AI Engine 8.8 High2025-07-31

Vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传) represent 2017 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.