Weaknesses of type CWE-434

2,816 results
CVE-2026-11839CRITICALArbitrary File Upload in Basarsoft's RotabanEPSS 0.3%CVE-2024-44598HIGHFNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module.EPSS 0.3%CVE-2025-8344MEDIUMopenviglet shio ShStaticFileAPI.java shStaticFileUpload unrestricted uploadEPSS 0.3%CVE-2026-1813MEDIUMbolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted uploadEPSS 0.3%CVE-2025-46078MEDIUMHuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target serverEPSS 0.3%CVE-2024-25182CRITICALgivanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php.EPSS 0.3%CVE-2025-53891MEDIUMTIME LINE has Improper File Validation in Upload SectionEPSS 0.3%CVE-2025-8171MEDIUMcode-projects Document Management System insert.php unrestricted uploadEPSS 0.3%CVE-2024-27480CRITICALgivanz VvvebJs 1.7.2 is vulnerable to Insecure File Upload.EPSS 0.3%CVE-2023-27753HIGHAn arbitrary file upload vulnerability in MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted PHP file.EPSS 0.3%CVE-2025-69312CRITICALWordPress Xpro Elementor Addons plugin <= 1.4.19.1 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2026-32524CRITICALWordPress Photo Engine plugin <= 6.4.9 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2026-24960CRITICALWordPress Charety theme < 2.0.2 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-13815MEDIUMmoxi159753 Mogu Blog v2 pictures unrestricted uploadEPSS 0.3%CVE-2025-10371MEDIUMeCharge Hardy Barth Salia PLCC api.php unrestricted uploadEPSS 0.3%CVE-2025-13544MEDIUMashraf-kabir travel-agency customer_register.php unrestricted uploadEPSS 0.3%CVE-2025-36174HIGHIBM Integrated Analytics System file uploadEPSS 0.3%CVE-2025-48396HIGHArbitrary code execution is possible due to improper validation of the file upload functionality in Eaton BLSS. This security issue has beenEPSS 0.3%CVE-2026-25413CRITICALWordPress WPBookit Pro plugin <= 1.6.18 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-10085MEDIUMSourceCodester Pet Grooming Management Software manage_website.php unrestricted uploadEPSS 0.3%