Export limit exceeded: 363285 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363285 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (4283 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-10547 1 E-plugins 1 Wp Membership 2026-04-15 9.8 Critical
The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the user_profile_image_upload() function in all versions up to, and including, 1.6.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2021-4455 2026-04-15 9.8 Critical
The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2024-6313 2 Nikolaystrikhar, Wordpress 2 Gutenberg Forms, Wordpress 2026-04-15 9.8 Critical
The Gutenberg Forms plugin for WordPress is vulnerable to arbitrary file uploads due to the users can specify the allowed file types in the 'upload' function in versions up to, and including, 2.2.9. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVE-2024-9504 1 Wpdevart 1 Booking Calendar 2026-04-15 7.2 High
The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.2.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
CVE-2025-7487 2026-04-15 6.3 Medium
A vulnerability, which was classified as critical, was found in JoeyBling SpringBoot_MyBatisPlus up to a6a825513bd688f717dbae3a196bc9c9622fea26. This affects the function SysFileController of the file /file/upload. The manipulation of the argument portraitFile leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
CVE-2024-57407 2026-04-15 7.3 High
An arbitrary file upload vulnerability in the component /userPicture of Timo v2.0.3 allows attackers to execute arbitrary code via uploading a crafted file.
CVE-2014-125116 1 Hybridauth Social Login Project 1 Hybridauth Social Login 2026-04-15 N/A
A remote code execution vulnerability exists in HybridAuth versions 2.0.9 through 2.2.2 due to insecure use of the install.php installation script. The script remains accessible after deployment and fails to sanitize input before writing to the application’s config.php file. An unauthenticated attacker can inject arbitrary PHP code into config.php, which is later executed when the file is loaded. This allows attackers to achieve remote code execution on the server. Exploitation of this issue will overwrite the existing configuration, rendering the application non-functional.
CVE-2025-10755 1 Selleo 1 Mentingo 2026-04-15 6.3 Medium
A vulnerability was detected in Selleo Mentingo 2025.08.27. The impacted element is an unknown function of the component Content-Type Handler. The manipulation of the argument userAvatar results in unrestricted upload. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-39933 2026-04-15 4.3 Medium
Insufficient verification vulnerability exists in Broadcast Mail CGI (pmc.exe) included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a user who can upload files through the product may execute an arbitrary executable file with the web server's execution privilege.
CVE-2025-48396 1 Eaton 1 Brightlayer Software Suite 2026-04-15 8.3 High
Arbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. This security issue has been fixed in the latest script patch latest version of of Eaton BLSS (7.3.0.SCP004).
CVE-2023-30968 2026-04-15 6.8 Medium
One of Gotham Gaia services was found to be vulnerable to a stored cross-site scripting (XSS) vulnerability that could have allowed an attacker to bypass CSP and get a persistent cross site scripting payload on the stack.
CVE-2025-24505 2026-04-15 N/A
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.
CVE-2025-60235 3 Plugify, Woocommerce, Wordpress 3 Helpdesk Support Ticket System For Woocommerce, Woocommerce, Wordpress 2026-04-15 10 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Plugify Support Ticket System for WooCommerce (Premium) support-ticket-system-for-woocommerce allows Using Malicious Files.This issue affects Support Ticket System for WooCommerce (Premium): from n/a through <= 2.0.7.
CVE-2025-62016 2 Hogash, Wordpress 2 Kallyas, Wordpress 2026-04-15 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in hogash KALLYAS kallyas.This issue affects KALLYAS: from n/a through <= 4.22.0.
CVE-2025-69828 1 Tms 1 Management Console 2026-04-15 10 Critical
File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit
CVE-2025-11948 1 Excellent Infotek 1 Document Management System 2026-04-15 9.8 Critical
Document Management System developed by Excellent Infotek has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
CVE-2018-25158 1 Chamilo 1 Chamilo Lms 2026-04-15 8.8 High
Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users to upload and execute PHP files through the elfinder filemanager module. Attackers can upload files with image headers in the social myfiles section, rename them to PHP extensions, and execute arbitrary code by accessing the uploaded files.
CVE-2025-10116 2026-04-15 7.3 High
A vulnerability was identified in SiempreCMS up to 1.3.6. This vulnerability affects unknown code of the file /docs/admin/file_upload.php. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly available and might be used.
CVE-2025-55383 2026-04-15 8.6 High
Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server.
CVE-2024-43656 2026-04-15 8.8 High
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: Moderate – It might be difficult for an attacker to identify the file structure of the <redated> directory, and then modify the backup to add a new CGI script in the correct directory. Furthermore, the attacker will need an account to restore the settings backup, or convince a user with such access to upload a modified backup file. Impact: Critical – The attacker has full control over the charging station as the root user, and can arbitrarily add, modify and deletefiles and services. CVSS clarification: Any network interface serving the web ui is vulnerable (AV:N) and there are not additional security measures to circumvent (AC:L), nor does the attack require and existing preconditions (AT:N). The attack is authenticated, but the level of authentication does not matter (PR:L), nor is any user interaction required (UI:N). The attack leads to a full compromised (VC:H/VI:H/VA:H), and compromised devices can be used to pivot into networks that should potentially not be accessible (SC:L/SI:L/SA:H). Becuase this is an EV charger handing significant power, there is a potential safety impact (S:P). This attack can be automated (AU:Y).