CWE-434 (Unrestricted Upload of File with Dangerous Type) — Vulnerability Class 2018

2018 vulnerabilities classified as CWE-434 (Unrestricted Upload of File with Dangerous Type). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3969 | codeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted upload — News Publishing Site Dashboard | 6.3 | Medium | 2025-04-27 |
| CVE-2025-3914 | Aeropage Sync for Airtable <= 3.2.0 - Authenticated (Subscriber+) Arbitrary File Upload — Aeropage Sync for Airtable | 8.8 | High | 2025-04-26 |
| CVE-2025-46616 | Quantum StorNext Web GUI API code issue vulnerability — StorNext | 9.9 | Critical | 2025-04-25 |
| CVE-2022-44760 | HCL Leap is affected by an unrestricted upload of file with dangerous type vulnerability — HCL Leap | 4.6 | Medium | 2025-04-24 |
| CVE-2025-31324 | Missing Authorization check in SAP NetWeaver (Visual Composer development server) — SAP NetWeaver (Visual Composer development server) | 10.0 | Critical | 2025-04-24 |
| CVE-2025-46264 | WordPress PowerPress Podcasting <= 11.12.5 - Arbitrary File Upload Vulnerability — PowerPress Podcasting | 9.9 | Critical | 2025-04-24 |
| CVE-2025-3616 | Greenshift 11.4 - 11.4.5 - Authenticated (Subscriber+) Arbitrary File Upload — Greenshift – animation and page builder blocks | 8.8 | High | 2025-04-22 |
| CVE-2025-3830 | kuangstudy KuangSimpleBBS QuestionController.java fileUpload unrestricted upload — KuangSimpleBBS | 6.3 | Medium | 2025-04-20 |
| CVE-2025-3807 | zhenfeng13 My-BBS Endpoint UploadController.java upload unrestricted upload — My-BBS | 6.3 | Medium | 2025-04-19 |
| CVE-2025-3798 | WCMS Advertisement Image AdvadminController.php sub unrestricted upload — WCMS | 4.7 | Medium | 2025-04-19 |
| CVE-2021-4455 | Wordpress Plugin Smart Product Review <= 1.0.4 - Unauthenticated Arbitrary File Upload — Wordpress Plugin Smart Product Review | 9.8 | Critical | 2025-04-19 |
| CVE-2025-1093 | AIHub <= 1.3.7 - Unauthenticated Arbitrary File Upload in generate_image — AI Hub - Startup & Technology WordPress Theme | 9.8 | Critical | 2025-04-19 |
| CVE-2025-3783 | SourceCodester Web-based Pharmacy Product Management System add-product.php unrestricted upload — Web-based Pharmacy Product Management System | 6.3 | Medium | 2025-04-18 |
| CVE-2025-3765 | SourceCodester Web-based Pharmacy Product Management System edit-photo.php unrestricted upload — Web-based Pharmacy Product Management System | 6.3 | Medium | 2025-04-17 |
| CVE-2025-3764 | SourceCodester Web-based Pharmacy Product Management System edit-product.php unrestricted upload — Web-based Pharmacy Product Management System | 6.3 | Medium | 2025-04-17 |
| CVE-2025-27282 | WordPress Theme File Duplicator Plugin <= 1.3 - Arbitrary File Upload vulnerability — Theme File Duplicator | 9.9 | Critical | 2025-04-17 |
| CVE-2025-32652 | WordPress Solace Extra plugin <= 1.3.1 - Arbitrary File Upload vulnerability — Solace Extra | 9.9 | Critical | 2025-04-17 |
| CVE-2025-32660 | WordPress JS Job Manager plugin <= 2.0.2 - Arbitrary File Upload vulnerability — JS Job Manager | 10.0 | Critical | 2025-04-17 |
| CVE-2025-32682 | WordPress MapSVG Lite plugin <= 8.6.4 - Arbitrary File Upload Vulnerability — MapSVG | 9.9 | Critical | 2025-04-17 |
| CVE-2025-39436 | WordPress I Draw <= 1.0 - Arbitrary File Upload Vulnerability — I Draw | 9.1 | Critical | 2025-04-17 |
| CVE-2025-31339 | Wisdom Master Pro - Unrestricted Upload of File with Dangerous Type — Wisdom Master Pro | 8.1 AI | High AI | 2025-04-17 |
| CVE-2025-39538 | WordPress WP-Advanced-Search plugin <= 3.3.9.4 - Arbitrary File Upload Vulnerability — WP-Advanced-Search | 6.6 | Medium | 2025-04-16 |
| CVE-2025-39557 | WordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerability — Kadence WooCommerce Email Designer | 9.1 | Critical | 2025-04-16 |
| CVE-2025-1980 | Remote Code Execution via Unrestricted File Upload in Ready_ — Ready_ | 8.8 AI | High AI | 2025-04-16 |
| CVE-2025-26927 | WordPress AI Hub plugin <= 1.3.7 - Arbitrary File Upload vulnerability — AI Hub | 10.0 | Critical | 2025-04-15 |
| CVE-2025-3593 | ZHENFENG13/code-projects My-Blog-layui authorImg upload unrestricted upload — My-Blog-layui | 6.3 | Medium | 2025-04-14 |
| CVE-2025-3585 | westboy CicadasCMS JSP Parser upload unrestricted upload — CicadasCMS | 6.3 | Medium | 2025-04-14 |
| CVE-2025-3566 | veal98 小牛肉 Echo open source community system uploadMdPic unrestricted upload — Echo open source community system | 7.3 | High | 2025-04-14 |
| CVE-2025-3565 | huanfenz/code-projects StudentManager Announcement Management Section uploadArticle.do unrestricted upload — StudentManager | 4.7 | Medium | 2025-04-14 |
| CVE-2025-3558 | ghostxbh uzy-ssm-mall uploadUserHeadImage unrestricted upload — uzy-ssm-mall | 6.3 | Medium | 2025-04-14 |

Vulnerabilities classified as CWE-434 (Unrestricted Upload of File with Dangerous Type) account for 2018 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.