Weaknesses of type CWE-434
2,795 resultsCVE-2012-10052CRITICALEGallery 1.2 Arbitrary PHP File UploadEPSS 1.4%CVE-2024-34110HIGHRCE in the Adobe Commerce Webhook module through a legit webhook definitionEPSS 1.4%CVE-2025-68109CRITICALChurchCRM vulnerable to RCE with database restore functionalityEPSS 1.4%CVE-2022-48079CRITICALMonnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate privileges and execute arbitrary code viEPSS 1.4%CVE-2023-38388CRITICALWordPress Jupiter X Core plugin <= 3.3.5 - Unauth. Arbitrary File Upload vulnerabilityEPSS 1.4%CVE-2024-6132HIGHPexels: Free Stock Photos <= 1.2.2 - Authenticated (Contributor+) Arbitrary File UploadEPSS 1.4%CVE-2024-3962CRITICALProduct Addons & Fields for WooCommerce <= 32.0.18 - Unauthenticated Arbitrary File Upload via ppom_upload_fileEPSS 1.4%CVE-2023-49715MEDIUMA unrestricted php file upload vulnerability exists in the import.json.php temporary copy functionality of WWBN AVideo dev master commit 15fEPSS 1.4%CVE-2023-6558HIGHExport and Import Users and Customers <= 2.4.8 - Authenticated (Shop Manager+) Arbitrary File UploadEPSS 1.4%CVE-2024-0864CRITICALRCE in LaragonEPSS 1.4%CVE-2023-27178CRITICALAn arbitrary file upload vulnerability in the upload function of GDidees CMS 3.9.1 allows attackers to execute arbitrary code via a crafted EPSS 1.4%CVE-2023-6576MEDIUMByzoro S210 HTTP POST Request uploadfile.php unrestricted uploadEPSS 1.4%CVE-2023-28353HIGHAn issue was discovered in Faronics Insight 10.0.19045 on Windows. An unauthenticated attacker is able to upload any type of file to any locEPSS 1.4%CVE-2021-33352CRITICALAn issue in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via a phar fEPSS 1.4%CVE-2024-27923HIGHRemote Code Execution by uploading a phar file using frontmatterEPSS 1.4%CVE-2024-31114CRITICALWordPress Shortcode Addons <= 3.2.5 - Arbitrary File Upload vulnerabilityEPSS 1.4%CVE-2024-52375CRITICALWordPress Datasets Manager by Arttia Creative plugin <= 1.5 - Arbitrary File Upload vulnerabilityEPSS 1.4%CVE-2023-30185CRITICALCRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \attachment\SystemAttachmentServices.pEPSS 1.3%CVE-2013-10055CRITICALHavalite CMS Arbitary File Upload RCEEPSS 1.3%CVE-2023-2712CRITICALMalicious File Upload vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform.EPSS 1.3%