CVE-2025-2819

MEDIUM Year: 2025
CVSS v3 Score
6.6
Medium
Weakness Type
CWE-434
View all →

Vulnerability Description

There is a risk of unauthorized file uploads in GT-SoftControl and potential file overwrites due to insufficient validation in the file selection process. This could lead to data integrity issues and unauthorized access by an authenticated privileged user.

Related Vulnerabilities

CVE-2021-29699

MEDIUM
CVSS:6.6(Medium)

IBM Security Verify Access Docker 10.0.0 could allow a remote priviled user to upload arbitrary files with a dangerous file type that could be excuted by an user. IBM X-Force ID: 200600.

CWE-4342021

CVE-2021-31207

MEDIUM
CVSS:6.6(Medium)

Microsoft Exchange Server Security Feature Bypass Vulnerability

CWE-4342021

CVE-2022-0263

MEDIUM
CVSS:6.6(Medium)

Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore prior to 10.2.7.

CWE-4342022

CVE-2023-3800

MEDIUM
CVSS:6.6(Medium)

A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected is an unknown function of the file /admin/index/index.html#/admin/mall.goods/index.html of the componen...

CWE-4342023

CVE-2024-39717

MEDIUM
CVSS:6.6(Medium)

The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-...

CWE-4342024

CVE-2024-49676

MEDIUM
CVSS:6.6(Medium)

Unrestricted Upload of File with Dangerous Type vulnerability in Michael Bourne Custom Icons for Elementor allows Upload a Web Shell to a Web Server.This issue affects Custom Icons for Elementor: from...

CWE-4342024