
1015 matches found

RedhatCVE | added 2025/05/22 3:48 p.m. | 5 views

CVE-2020-15651

A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS 28...

CVSS 4.3 | AI score 6.2 | EPSS 0.00186
Exploits 0
RedhatCVE | added 2025/05/22 3:23 p.m. | 8 views

CVE-2020-26108

cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution SEC-488...

CVSS 9.8 | AI score 7.5 | EPSS 0.01851
Exploits 0
RedhatCVE | added 2025/05/22 10:23 a.m. | 6 views

CVE-2019-9825

FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php to the default jpg,gif,png,jpeg setting, and then using the "add article" feature...

CVSS 9.8 | AI score 8 | EPSS 0.00748
Exploits 0 | References 1
RedhatCVE | added 2025/05/22 10:10 a.m. | 5 views

CVE-2019-19634

class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576...

CVSS 9.8 | AI score 6.5 | EPSS 0.50575
Exploits 9 | References 1
RedhatCVE | added 2025/05/22 10:08 a.m. | 6 views

CVE-2019-19680

A file-extension filtering vulnerability in Proofpoint Enterprise Protection PPS / PoD, in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms related to extensions, MIME types, virus detection, and journal entries for transmitted...

CVSS 8.8 | AI score 6.9 | EPSS 0.00353
Exploits 0 | References 1
RedhatCVE | added 2025/05/22 9:21 a.m. | 4 views

CVE-2015-9530

The Easy Digital Downloads EDD Upload File extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused...

CVSS 6.1 | AI score 6.2 | EPSS 0.00432
Exploits 0 | References 1
RedhatCVE | added 2025/05/22 8:50 a.m. | 8 views

CVE-2019-7669

Prima Systems FlexAir, Versions 2.3.38 and prior. Improper validation of file extensions when uploading files could allow a remote authenticated attacker to upload and execute malicious applications within the application’s web root with root privileges...

CVSS 9 | AI score 7 | EPSS 0.32014
Exploits 2 | References 1
RedhatCVE | added 2025/05/22 8:15 a.m. | 7 views

CVE-2019-16318

In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317...

CVSS 8.8 | AI score 6.4 | EPSS 0.52728
Exploits 5 | References 1
RedhatCVE | added 2025/05/22 8:09 a.m. | 2 views

CVE-2019-14924

An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file available under the credentials of the app, for...

CVSS 7.5 | AI score 6.9 | EPSS 0.00393
Exploits 0 | References 1
RedhatCVE | added 2025/05/22 6:57 a.m. | 4 views

CVE-2016-11020

Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution...

CVSS 9.8 | AI score 6.7 | EPSS 0.03391
Exploits 0 | References 1
RedhatCVE | added 2025/05/22 6:09 a.m. | 2 views

CVE-2017-11178

In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to write to arbitrary files via the contents and filename parameters in a route=style action. For example, this can be used to overwrite a .php file because the file extension is not checked...

CVSS 7.5 | AI score 7.7 | EPSS 0.00117
Exploits 1 | References 1
RedhatCVE | added 2025/05/22 4:04 a.m. | 6 views

CVE-2015-9272

The videowhisper-video-presentation plugin 3.31.17 for WordPress allows remote attackers to execute arbitrary code because vp/vwupload.php considers a file safe when "html" are the last four characters, as demonstrated by a .phtml file containing PHP code...

CVSS 9.8 | AI score 8.2 | EPSS 0.10847
Exploits 1 | References 1
RedhatCVE | added 2025/05/22 3:14 a.m. | 8 views

CVE-2015-7309

The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it...

CVSS 6.5 | AI score 7.5 | EPSS 0.60269
Exploits 2 | References 1
Github Security Blog | added 2025/05/05 2:55 p.m. | 12 views

October CMS Allows Unprotected SVG Rename in Media Manager

Impact This advisory affects authenticated administrators with sites that have the media.cleanvectors configuration enabled. This configuration will sanitize SVG files uploaded using the media manager. This vulnerability allows an authenticated user to bypass this protection by uploading it with ...

CVSS 4.9 | AI score 6.7 | EPSS 0.00313
Exploits 0 | References 3 | Affected Software 2
Snyk | added 2025/05/05 2:55 p.m. | 2 views

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload due to improper validation of file extensions. An attacker can bypass SVG file sanitization protections by initially uploading a file with a permitted extension and subsequently renaming it to an .svg extension...

CVSS 4.9 | AI score 7 | EPSS 0.00313
Exploits 0 | References 2
Cvelist | added 2025/05/05 12:00 a.m. | 12 views

CVE-2025-28168

The Multiple File Upload add-on component 3.1.0 for OutSystems is vulnerable to Unrestricted File Upload. This occurs because file extension and size validations are enforced solely on the client side. An attacker can intercept the upload request and modify a parameter to bypass extension...

CVSS 6.4 | EPSS 0.00235
Exploits 0 | References 2
Github Security Blog | added 2025/04/29 9:31 p.m. | 10 views

ShowDoc unrestricted file upload vulnerability

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution. This issue affects ShowDoc: before 2.8.7...

CVSS 9.4 | AI score 8 | EPSS 0.02105
Exploits 0 | References 6 | Affected Software 1
OSV | added 2025/04/29 9:31 p.m. | 6 views

GHSA-6JMR-R7P6-F5WR ShowDoc unrestricted file upload vulnerability

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution. This issue affects ShowDoc: before 2.8.7...

CVSS 9.4 | AI score 7.9 | EPSS 0.02105
Exploits 0 | References 6
NVD | added 2025/04/29 8:15 p.m. | 16 views

CVE-2025-0520

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution. This issue affects ShowDoc: before 2.8.7...

CVSS 9.4 | EPSS 0.02105
Exploits 0 | References 4
NVD | added 2025/04/29 2:15 p.m. | 8 views

CVE-2025-4086

A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. This bug only affects Thunderbird for Android. Other versions of Thunderbird are unaffected. This vulnerability was fixed in Firefox 138...

CVSS 6.5 | EPSS 0.0021
Exploits 0 | References 3