Weaknesses of type CWE-284

4,395 results
CVE-2024-1478MEDIUMMaintenance Mode <= 3.0.1 - Information ExposureEPSS 0.5%CVE-2025-8255MEDIUMcode-projects Exam Form Submission register.php unrestricted uploadEPSS 0.5%CVE-2025-0346MEDIUMcode-projects Content Management System Publish News Page publishnews.php unrestricted uploadEPSS 0.5%CVE-2025-4536MEDIUMGosuncn Technology Group Audio-Visual Integrated Management Platform listByPage information disclosureEPSS 0.5%CVE-2026-2669MEDIUMRongzhitong Visual Integrated Command and Dispatch Platform User delete access controlEPSS 0.5%CVE-2024-12478MEDIUMInvoicePlane 1 upload_file unrestricted uploadEPSS 0.5%CVE-2025-4535MEDIUMGosuncn Technology Group Audio-Visual Integrated Management Platform Configuration File config.properties information disclosureEPSS 0.5%CVE-2025-26611CRITICALSQL Injection endpoint 'remover_produto.php' parameter 'id_produto' in WeGIAEPSS 0.5%CVE-2025-69691CRITICALNetgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.exec_php. NOTE: the Supplier disputes this because the API callEPSS 0.5%CVE-2023-36725HIGHWindows Kernel Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2022-3780HIGHDatabase connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deletEPSS 0.5%CVE-2024-1462MEDIUMMaintenance Page <= 1.0.8 - Security Mechanism Bypass via REST APIEPSS 0.5%CVE-2024-5168CRITICALImproper access control vulnerability in Prodys Quantum Audio codecEPSS 0.5%CVE-2023-28877HIGHThe VTEX apps-graphql@2.x GraphQL API module does not properly restrict unauthorized access to private configuration data. (apps-graphql@3.xEPSS 0.5%CVE-2023-20261MEDIUMA vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files froEPSS 0.5%CVE-2023-36790HIGHWindows RDP Encoder Mirror Driver Elevation of Privilege VulnerabilityEPSS 0.5%CVE-2024-45438CRITICALAn issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8.01.x before 8.01.14. The file quarantine.phEPSS 0.5%CVE-2024-10766MEDIUMCodezips Free Exam Hall Seating Management System save_user.php unrestricted uploadEPSS 0.5%CVE-2024-22216CRITICALIn default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage Controllers) where Redfish server is configured forEPSS 0.5%CVE-2022-32834MEDIUMAn access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security UEPSS 0.5%