Weaknesses of type CWE-434
2,786 resultsCVE-2021-26918CRITICALThe ProBot bot through 2021-02-08 for Discord might allow attackers to interfere with the intended purpose of the "Send an image when a userEPSS 2.6%CVE-2024-32700CRITICALWordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerabilityEPSS 2.6%CVE-2023-3187MEDIUMPHPGurukul Teachers Record Management System Profile Picture changeimage.php unrestricted uploadEPSS 2.6%CVE-2022-40797CRITICALRoxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default FORBIDDEN_UPLOADS value in conf.json only blocks .phEPSS 2.6%CVE-2019-10959—BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1 Build 13, This does not impacEPSS 2.5%CVE-2013-10032HIGHGetSimple CMS 3.2.1 Authenticated RCE via Arbitrary PHP File UploadEPSS 2.5%CVE-2013-10040CRITICALClipBucket <= 2.6 ofc_upload_image.php Arbitrary File Upload RCEEPSS 2.5%CVE-2024-22393CRITICALApache Answer: Pixel Flood Attack by uploading the large pixel fileEPSS 2.5%CVE-2024-11138MEDIUMDedeCMS friendlink_add.php unrestricted uploadEPSS 2.5%CVE-2024-4964MEDIUMD-Link DAR-7000-40 urlblist.php unrestricted uploadEPSS 2.5%CVE-2024-4962MEDIUMD-Link DAR-7000-40 resmanage.php unrestricted uploadEPSS 2.5%CVE-2023-4226HIGHChamilo LMS File Upload Functionality Remote Code ExecutionEPSS 2.4%CVE-2021-24222—WP-Curricul Vitea Free <= 6.3 - Unauthenticated Arbitrary File Upload to RCEEPSS 2.4%CVE-2015-10138CRITICALWork The Flow File Upload <= 2.5.2 - Arbitrary File UploadEPSS 2.4%CVE-2021-35963CRITICALLearningdigital.com, Inc. Orca HCM - Unrestricted Upload of File with Dangerous TypeEPSS 2.4%CVE-2017-9650—An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan WebEPSS 2.4%CVE-2021-42839HIGHGrand Vice info Co. webopac7 - Arbitrary File UploadEPSS 2.4%CVE-2024-1918MEDIUMByzoro Smart S42 Management Platform userattestation.php unrestricted uploadEPSS 2.3%CVE-2019-25138CRITICALUser Submitted Posts <= 20190312 - Unauthenticated Arbitrary File UploadEPSS 2.3%CVE-2016-15033CRITICALDelete All Comments <= 2.0 - Arbitrary File UploadEPSS 2.3%