Weaknesses of type CWE-434
2,814 resultsCVE-2025-24775CRITICALWordPress Forms <= 2.9.0 - Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2025-11398MEDIUMSourceCodester Hotel and Lodge Management System Profile profile.php unrestricted uploadEPSS 0.4%CVE-2025-10465HIGHUnrestricted File Upload in Birtech Information Technologies' SensawayEPSS 0.4%CVE-2025-12593MEDIUMcode-projects Simple Online Hotel Reservation System Photo edit_room.php unrestricted uploadEPSS 0.4%CVE-2024-23811HIGHA vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected application allows users to upload arbitrary files EPSS 0.4%CVE-2025-5130MEDIUMTmall Demo uploadProductImage unrestricted uploadEPSS 0.4%CVE-2026-46400HIGHHAXCMS PHP has a File Upload Validation BypassEPSS 0.4%CVE-2025-47637CRITICALWordPress STAGGS plugin <= 2.11.0 - Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2025-32202CRITICALWordPress Insert or Embed Articulate Content into WordPress plugin <= 4.3000000025 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2025-57460CRITICALFile upload vulnerability in machsol machpanel 8.0.32 allows attacker to gain a webshell.EPSS 0.4%CVE-2025-10083MEDIUMSourceCodester Pet Grooming Management Software profile.php unrestricted uploadEPSS 0.4%CVE-2025-5406MEDIUMchaitak-gorai Blogbook posts.php unrestricted uploadEPSS 0.4%CVE-2026-5261MEDIUMShandong Hoteam InforCenter PLM BaseHandler.ashx uploadFileToIIS unrestricted uploadEPSS 0.4%CVE-2026-24769HIGHNocoDB Vulnerable to Stored Cross-Site Scripting via SVG uploadEPSS 0.4%CVE-2025-14014CRITICALInsecure File Upload in NTN Informatics' Smart PanelEPSS 0.4%CVE-2023-23707MEDIUMWordPress Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2026-20098HIGHCisco Meeting Management Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2025-14530MEDIUMSourceCodester Real Estate Property Listing App property.php unrestricted uploadEPSS 0.4%CVE-2026-1423MEDIUMcode-projects Online Examination System admin_pic.php unrestricted uploadEPSS 0.4%CVE-2024-1932MEDIUMUnrestricted Upload of File with Dangerous Type in freescout-helpdesk/freescoutEPSS 0.4%