Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-434 (危险类型文件的不加限制上传) — Vulnerability Class 2018

2018 vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-7627 YiJiuSmile kkFileViewOfficeEdit fileUpload unrestricted upload — kkFileViewOfficeEdit 6.3 Medium2025-07-14
CVE-2025-7547 Campcodes Online Movie Theater Seat Reservation System admin_class.php save_movie unrestricted upload — Online Movie Theater Seat Reservation System 7.3 High2025-07-13
CVE-2025-7538 Campcodes Sales and Inventory System product_update.php unrestricted upload — Sales and Inventory System 7.3 High2025-07-13
CVE-2025-7487 JoeyBling SpringBoot_MyBatisPlus upload SysFileController unrestricted upload — SpringBoot_MyBatisPlus 6.3 Medium2025-07-12
CVE-2025-7477 code-projects Simple Car Rental System add_cars.php unrestricted upload — Simple Car Rental System 4.7 Medium2025-07-12
CVE-2020-36849 AIT CSV import/export <= 3.0.3 - Unauthenticated Arbitrary File Upload — AIT CSV import/export 9.8 Critical2025-07-12
CVE-2025-7470 Campcodes Sales and Inventory System product_add.php unrestricted upload — Sales and Inventory System 7.3 High2025-07-12
CVE-2020-36847 Simple File List < 4.2.3 - Remote Code Execution — Simple File List 9.8 Critical2025-07-12
CVE-2025-6423 BeeTeam368 Extensions <= 2.3.5 - Authenticated (Subscriber+) Arbitrary File Upload — BeeTeam368 Extensions 8.8 High2025-07-12
CVE-2025-6057 WPBookit <= 1.0.4 - Authenticated (Subscriber+) Arbitrary File Upload — WPBookit 8.8 High2025-07-12
CVE-2025-6058 WPBookit <= 1.0.4 - Unauthenticated Arbitrary File Upload — WPBookit 9.8 Critical2025-07-12
CVE-2025-7413 code-projects Library System profile.php unrestricted upload — Library System 6.3 Medium2025-07-10
CVE-2025-7412 code-projects Library System profile.php unrestricted upload — Library System 6.3 Medium2025-07-10
CVE-2025-34100 BuilderEngine 3.5.0 RCE via Unauthenticated Arbitrary File Upload — CMS 9.8AICriticalAI2025-07-10
CVE-2025-34097 ProcessMaker < 3.5.4 Authenticated Plugin Upload RCE — ProcessMaker 7.2AIHighAI2025-07-10
CVE-2024-39752 IBM Analytics Content Hub file upload — Analytics Content Hub 6.8 Medium2025-07-10
CVE-2025-7210 code-projects/Fabian Ros Library Management System profile_update.php unrestricted upload — Library Management System 6.3 Medium2025-07-09
CVE-2025-34077 WordPress Pie Register Plugin ≤ 3.7.1.4 Authentication Bypass RCE — WordPress Pie Register Plugin 9.8AICriticalAI2025-07-09
CVE-2025-7190 code-projects Library Management System student_edit_photo.php unrestricted upload — Library Management System 6.3 Medium2025-07-08
CVE-2025-7181 code-projects Staff Audit System test.php unrestricted upload — Staff Audit System 6.3 Medium2025-07-08
CVE-2025-7175 code-projects E-Commerce Site users_photo.php unrestricted upload — E-Commerce Site 6.3 Medium2025-07-08
CVE-2025-27127 Siemens多款产品 代码问题漏洞 — TIA Project-Server 4.3 Medium2025-07-08
CVE-2025-7152 Campcodes Advanced Online Voting System candidates_add.php unrestricted upload — Advanced Online Voting System 6.3 Medium2025-07-07
CVE-2025-7151 Campcodes Advanced Online Voting System voters_add.php unrestricted upload — Advanced Online Voting System 6.3 Medium2025-07-07
CVE-2025-6802 Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution Vulnerability — QConvergeConsole 9.8AICriticalAI2025-07-07
CVE-2025-7124 code-projects Online Note Sharing Profile Image userprofile.php unrestricted upload — Online Note Sharing 6.3 Medium2025-07-07
CVE-2025-7100 BoyunCMS Index.php unrestricted upload — BoyunCMS 6.3 Medium2025-07-07
CVE-2025-7075 BlackVue Dashcam 590X HTTP Endpoint upload.cgi unrestricted upload — Dashcam 590X 6.3 Medium2025-07-05
CVE-2025-30933 WordPress LogisticsHub theme <= 1.1.6 - Arbitrary File Upload Vulnerability — LogisticsHub 10.0 Critical2025-07-04
CVE-2025-49414 WordPress FW Gallery plugin <= 8.0.0 - Arbitrary File Upload Vulnerability — FW Gallery 10.0 Critical2025-07-04

Vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传) represent 2018 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.