CWE-351: CWE-351

Total CVEs

Critical

High

6.7

Avg CVSS

Yearly Trend

2025

2024

2023

Top Affected Vendors

1 Ibm 1

2 Advantech 1

3 Typo3 1

4 Growatt 1

5 Contao 1

All CWE-351 CVEs (5)

CVE-2025-30510

9.8

This vulnerability allows attackers to upload arbitrary files instead of legitimate plant images in affected systems. This could lead to remote code e...

Apr 15, 2025

CVE-2023-2866

7.3

This vulnerability in Advantech WebAccess allows authenticated attackers to upload malicious .zip files that can deploy web shells, potentially granti...

Jun 7, 2023

CVE-2025-65960

6.6

This vulnerability allows authenticated back-end users in Contao CMS to execute arbitrary PHP functions through template closures, potentially leading...

Nov 25, 2025

CVE-2025-47939

5.4

This vulnerability in TYPO3's file management module allows backend users to upload potentially harmful files like executables or files with mismatche...

May 20, 2025

CVE-2024-45676

4.3

This vulnerability in IBM Cognos Controller allows authenticated users to upload insecure files due to insufficient file type validation. Attackers co...

Dec 3, 2024

About CWE-351 (CWE-351)

Our database tracks 5 CVEs classified as CWE-351, with 1 rated critical and 1 rated high severity. The average CVSS score for CWE-351 vulnerabilities is 6.7.

External reference: View CWE-351 on MITRE CWE →

Monitor CWE-351 Vulnerabilities

Get alerted when new CWE-351 CVEs affect your infrastructure.

Start Monitoring Free