Vulnerabilities (CVE)

Filtered by CWE-434
Total 3928 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-23704 2026-02-04 N/A 6.5 MEDIUM
A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.
CVE-2025-48782 1 Scshr 1 Hr Portal 2026-02-04 N/A 9.8 CRITICAL
An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file.
CVE-2022-50912 1 Impresscms 1 Impresscms 2026-02-03 N/A 9.8 CRITICAL
ImpressCMS 1.4.4 contains a file upload vulnerability with weak extension sanitization that allows attackers to upload potentially malicious files. Attackers can bypass file upload restrictions by using alternative file extensions (.php2, .php6, .php7, .phps, .pht) to execute arbitrary PHP code on the server.
CVE-2021-47758 1 Chikitsa 1 Patient Management System 2026-02-03 N/A 8.8 HIGH
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious PHP plugins through the module upload functionality. Authenticated attackers can generate and upload a ZIP plugin with a PHP backdoor that enables arbitrary command execution on the server through a weaponized PHP script.
CVE-2026-1730 2026-02-03 N/A 8.8 HIGH
The OS DataHub Maps plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'OS_DataHub_Maps_Admin::add_file_and_ext' function in all versions up to, and including, 1.8.3. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2026-1065 2026-02-03 N/A 7.2 HIGH
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.35. This is due to the plugin's default file upload allowlist including SVG files, combined with weak substring-based extension validation. This makes it possible for unauthenticated attackers to upload malicious SVG files containing JavaScript code, via file upload fields in forms they are able to submit, that will execute when viewed by administrators or site visitors.
CVE-2025-69565 1 Fabian 1 Mobile Shop Management System 2026-02-03 N/A 9.8 CRITICAL
code-projects Mobile Shop Management System 1.0 is vulnerable to unrestricted file upload in /ExAddProduct.php.
CVE-2025-69559 1 Carmelo 1 Computer Book Store 2026-02-03 N/A 9.8 CRITICAL
code-projects Computer Book Store 1.0 is vulnerable to unrestricted file upload in admin_add.php.
CVE-2025-36519 2026-02-03 N/A 4.3 MEDIUM
Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2, WRC-1167GST2, WRC-2533GST2, WRC-2533GS2V-B, WRC-2533GS2-B v1.69 and earlier, WRC-2533GS2-W, WRC-1167GST2, WRC-1167GS2-B, and WRC-1167GS2H-B. If a specially crafted file is uploaded by a remote authenticated attacker, arbitrary code may be executed on the product.
CVE-2024-5911 1 Paloaltonetworks 1 Pan-os 2026-01-30 N/A 4.9 MEDIUM
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.
CVE-2025-8889 1 Eliehanna 1 Compress And Upload Plugin 2026-01-30 N/A 3.8 LOW
The Compress & Upload WordPress plugin before 1.0.5 does not properly validate uploaded files, allowing high-privilege users such as admins to upload arbitrary files to the server even when they should not be allowed to (for example, in a multisite setup).
CVE-2026-21625 1 Stackideas 1 Easydiscuss 2026-01-30 N/A 8.8 HIGH
User-provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are checked only by file extension; no MIME type checks are performed.
CVE-2025-70457 1 Remyandrade 1 Modern Image Gallery App 2026-01-30 N/A 9.8 CRITICAL
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
CVE-2025-55251 1 Hcltech 1 Aion 2026-01-30 N/A 3.1 LOW
HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise.
CVE-2025-54944 1 Sun.net 1 Ehrd Ctms 2026-01-30 N/A 9.8 CRITICAL
An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which may lead to arbitrary code execution.
CVE-2025-31342 2026-01-30 N/A N/A
An unrestricted upload of file with dangerous type vulnerability in the upload file function of Galaxy Software Services Corporation Vitals ESP Forum Module through 1.3 version allows remote authenticated users to execute arbitrary system commands via a malicious file.
CVE-2025-67325 1 Webkul 1 Qloapps 2026-01-30 N/A 9.8 CRITICAL
Unrestricted file upload in the hotel review feature in QloApps versions 1.7.0 and earlier allows remote unauthenticated attackers to achieve remote code execution.
CVE-2021-47788 1 Websitebaker 1 Websitebaker 2026-01-30 N/A 8.8 HIGH
WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. Attackers can exploit the language installation endpoint by manipulating language installation parameters to achieve remote code execution on the server.
CVE-2026-24010 1 Horilla 1 Horilla 2026-01-29 N/A 8.0 HIGH
Horilla is a free and open source Human Resource Management System (HRMS). A critical file upload vulnerability in versions prior to 1.5.0, combined with social engineering, allows authenticated users to carry out phishing attacks. By uploading a malicious HTML file disguised as a profile picture, an attacker can create a convincing replica of the login page that steals user credentials. When a victim visits the uploaded file's URL, they see an authentic-looking "Session Expired" message prompting them to re-authenticate. All entered credentials are captured and sent to the attacker's server, enabling account takeover. Version 1.5.0 patches the issue.
CVE-2026-24034 1 Horilla 1 Horilla 2026-01-29 N/A 5.4 MEDIUM
Horilla is a free and open source Human Resource Management System (HRMS). In versions prior to 1.5.0, a cross-site scripting vulnerability can be triggered because the extension and content-type are not checked during the profile photo update step. Version 1.5.0 fixes the issue.