How severe is CVE-2025-31916?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9 out of 10.

What type of vulnerability is CVE-2025-31916?

This is classified as CWE-434, which is a common weakness in software security.

CVE-2025-31916

CRITICAL Year: 2025

CVSS v3 Score

9.0

Critical

Weakness Type

CWE-434

View all →

Vulnerability Description

Unrestricted Upload of File with Dangerous Type vulnerability in joy2012bd JP Students Result Management System Premium allows Upload a Web Shell to a Web Server. This issue affects JP Students Result Management System Premium: from 1.1.7 through n/a.

CVE-2019-4130

CRITICAL

CVSS:9.0(Critical)

IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 158280.

CWE-4342019

CVE-2022-0945

CRITICAL

CVSS:9.0(Critical)

Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.

CWE-4342022

CVE-2022-0960

CRITICAL

CVSS:9.0(Critical)

Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.

CWE-4342022

CVE-2022-0962

CRITICAL

CVSS:9.0(Critical)

Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.

CWE-4342022

CVE-2022-1045

CRITICAL

CVSS:9.0(Critical)

Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.

CWE-4342022

CVE-2022-1345

CRITICAL

CVSS:9.0(Critical)

Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking,...

CWE-4342022

CVE-2025-31916

Vulnerability Description

Related Vulnerabilities

CVE-2019-4130

CVE-2022-0945

CVE-2022-0960

CVE-2022-0962

CVE-2022-1045

CVE-2022-1345