CWE-616

9 CVEs classified under CWE-616. Browse by severity and year.

Top CVEs for CWE-616
CVESeverityScorePublishedSummary
CVE-2025-67084Critical9.92026-01-15File upload vulnerability in InvoicePlane through 1.6.3 allows authenticated attackers to upload arbitrary PHP files into attachments, which can later be execu…
CVE-2024-31601Critical9.82024-04-26An issue in Beijing Panabit Network Software Co., Ltd Panalog big data analysis platform v. 20240323 and before allows attackers to execute arbitrary code via…
CVE-2024-29858Critical9.82024-03-21In MISP before 2.4.187, __uploadLogo in app/Controller/OrganisationsController.php does not properly check for a valid logo upload.
CVE-2023-38947High7.22023-08-03An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP…
CVE-2024-52305Medium6.52024-11-13UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. A vulnerability exists in the Create User process, allowin…
CVE-2024-28520Medium6.52024-04-04File Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an attacker to obtain se…
CVE-2026-22789Medium5.42026-01-12WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, WebErpMesv2 contains a file upload validation bypass v…
CVE-2025-59402Medium5.42025-09-25Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 accepts the default Thundercomm TurboX 6490 Firehose loader in EDL/QDL mode. This enables…
CVE-2025-52130Medium5.42025-08-25File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticated attacker to uploa…