VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Unrestricted Upload of File with Dangerous Type
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-01
CVE-2025-2891
The Real Estate 7 WordPress theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the 'template-submit-listing.php' file in all versions up to, and including, 3.5.4.
network
low complexity
CWE-434
8.8
8.8
2025-04-01
CVE-2025-2008
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import_single_post_as_csv() function in all versions up to, and including, 7.19.
network
low complexity
CWE-434
8.8
8.8
2025-04-01
CVE-2025-3042
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0.
network
low complexity
CWE-434
6.3
6.3
2025-04-01
CVE-2025-3041
A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0.
network
low complexity
CWE-434
6.3
6.3
2025-03-31
CVE-2025-3040
A vulnerability was found in Project Worlds Online Time Table Generator 1.0.
network
low complexity
CWE-434
6.3
6.3
2025-03-31
CVE-2025-2978
A vulnerability was found in WCMS 11.
network
low complexity
CWE-434
6.3
6.3
2025-03-31
CVE-2025-2973
Unrestricted Upload of File with Dangerous Type vulnerability in Code-Projects College Management System 1.0
A vulnerability, which was classified as critical, was found in code-projects College Management System 1.0.
network
low complexity
code-projects
CWE-434
critical
9.8
9.8
2025-03-30
CVE-2025-2952
Unrestricted Upload of File with Dangerous Type vulnerability in Bluestar Micro Mall 1.0
A vulnerability classified as critical was found in Bluestar Micro Mall 1.0.
network
low complexity
bluestar
CWE-434
critical
9.8
9.8
2025-03-29
CVE-2025-2249
The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the soj_soundslides_options_subpanel() function in all versions up to, and including, 1.2.2.
network
low complexity
CWE-434
8.8
8.8
2025-03-24
CVE-2025-2706
A vulnerability classified as critical was found in Digiwin ERP 5.0.1.
network
low complexity
CWE-434
6.3
6.3
«
Previous
1
2
...
3
4
5
(current)
6
7
...
204
205
»
Next