Total
3524 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30131 | 1 Iroadau | 2 Fx2, Fx2 Firmware | 2025-11-06 | 9.8 Critical |
| An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can be leveraged to execute arbitrary commands by uploading a CGI-based webshell. Once a file is uploaded, the attacker can execute commands with root privileges, gaining full control over the dashcam. Additionally, by uploading a netcat (nc) binary, the attacker can establish a reverse shell, maintaining persistent remote and privileged access to the device. This allows complete device takeover. | ||||
| CVE-2025-58996 | 1 Wordpress | 1 Wordpress | 2025-11-06 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in Helmut Wandl Advanced Settings advanced-settings allows Upload a Web Shell to a Web Server.This issue affects Advanced Settings: from n/a through <= 3.1.1. | ||||
| CVE-2025-62065 | 1 Wordpress | 1 Wordpress | 2025-11-06 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Rometheme RTMKit rometheme-for-elementor.This issue affects RTMKit: from n/a through <= 1.6.5. | ||||
| CVE-2025-12346 | 2 Max-3000, Maxsite | 2 Maxsite Cms, Cms | 2025-11-06 | 6.3 Medium |
| A vulnerability was detected in MaxSite CMS up to 109. This vulnerability affects unknown code of the file application/maxsite/admin/plugins/auto_post/uploads-require-maxsite.php of the component HTTP Header Handler. Performing manipulation of the argument X-Requested-FileName/X-Requested-FileUpDir results in unrestricted upload. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-12347 | 2 Max-3000, Maxsite | 2 Maxsite Cms, Cms | 2025-11-06 | 6.3 Medium |
| A flaw has been found in MaxSite CMS up to 109. This issue affects some unknown processing of the file application/maxsite/admin/plugins/editor_files/save-file-ajax.php. Executing manipulation of the argument file_path/content can lead to unrestricted upload. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-26497 | 4 Linux, Microsoft, Salesforce and 1 more | 5 Linux, Linux Kernel, Windows and 2 more | 2025-11-06 | 7.3 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Editor modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19. | ||||
| CVE-2025-20354 | 1 Cisco | 1 Unified Contact Center Express | 2025-11-06 | 9.8 Critical |
| A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system. This vulnerability is due to improper authentication mechanisms that are associated to specific Cisco Unified CCX features. An attacker could exploit this vulnerability by uploading a crafted file to an affected system through the Java RMI process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. | ||||
| CVE-2025-20376 | 1 Cisco | 1 Unified Contact Center Express | 2025-11-06 | 6.5 Medium |
| A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files. This vulnerability is due to an insufficient input validation associated to file upload mechanisms. An attacker could exploit this vulnerability by uploading a malicious file to the web UI and executing it. A successful exploit could allow the attacker to execute arbitrary commands on the underlying system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid administrative credentials. | ||||
| CVE-2025-10907 | 1 Wso2 | 11 Api Control Plane, Api Manager, Carbon and 8 more | 2025-11-06 | 8.4 High |
| An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment. Successful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services. | ||||
| CVE-2025-12674 | 1 Wordpress | 1 Wordpress | 2025-11-06 | 9.8 Critical |
| The KiotViet Sync plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the create_media() function in all versions up to, and including, 1.8.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. | ||||
| CVE-2025-20375 | 1 Cisco | 1 Unified Contact Center Express | 2025-11-06 | 6.5 Medium |
| A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files. This vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by uploading a crafted file to the web UI. A successful exploit could allow the attacker to upload arbitrary files to a vulnerable system and execute them, gaining access to the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials. | ||||
| CVE-2025-3125 | 1 Wso2 | 9 Api Control Plane, Api Manager, Carbon and 6 more | 2025-11-06 | 6.7 Medium |
| An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE). This functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions. | ||||
| CVE-2025-7939 | 1 Jerryshensjf | 1 Jpacookieshop | 2025-11-06 | 6.3 Medium |
| A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0. It has been classified as critical. Affected is the function addGoods of the file GoodsController.java. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. | ||||
| CVE-2022-47878 | 1 Jedox | 1 Jedox | 2025-11-06 | 9.1 Critical |
| Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code. NOTE: The vendor states that the vulnerability affects installations running version 22.2 or earlier. The issue was resolved with the version 22.3 and later versions are not affected. Additionally, the vendor states that this vulnerability affects on-premises deployments only and that it does not impact cloud-hosted or SaaS environments. | ||||
| CVE-2025-12593 | 2 Code-projects, Fabian | 2 Simple Online Hotel Reservation System, Simple Online Hotel Reservation System | 2025-11-05 | 4.7 Medium |
| A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/edit_room.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | ||||
| CVE-2020-36863 | 1 Nagios | 2 Nagios Xi, Xi | 2025-11-05 | 8.8 High |
| Nagios XI versions prior to 5.7.2 allow PHP files to be uploaded to the Audio Import directory and executed from that location. The upload handler did not properly restrict file types or enforce storage outside of the webroot, and the web server permitted execution within the upload directory. An authenticated attacker with access to the audio import feature could upload a crafted PHP file and then request it to achieve remote code execution with the privileges of the application service. | ||||
| CVE-2024-50623 | 1 Cleo | 4 Harmomy, Harmony, Lexicom and 1 more | 2025-11-05 | 9.8 Critical |
| In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution. | ||||
| CVE-2025-12682 | 1 Wordpress | 1 Wordpress | 2025-11-05 | 9.8 Critical |
| The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript file uploads due to missing file type validation in the 'file_during_checkout' function in all versions up to, and including, 2.9.8. This makes it possible for unauthenticated attackers to upload arbitrary JavaScript files on the affected site's server which may make remote code execution possible. | ||||
| CVE-2025-2749 | 1 Kentico | 1 Xperience | 2025-11-04 | 7.2 High |
| An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code execution.This issue affects Kentico Xperience through 13.0.178. | ||||
| CVE-2025-0520 | 1 Showdoc | 1 Showdoc | 2025-11-04 | N/A |
| An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7. | ||||