Weaknesses of type CWE-434
2,797 resultsCVE-2022-2883HIGHIn affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of ServiceEPSS 1.0%CVE-2022-44048CRITICALThe d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code exEPSS 1.0%CVE-2022-44049CRITICALThe d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code EPSS 1.0%CVE-2022-44051CRITICALThe d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code eEPSS 1.0%CVE-2022-43304CRITICALThe d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code eEPSS 1.0%CVE-2022-43303CRITICALThe d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential codeEPSS 1.0%CVE-2022-43305CRITICALThe d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code EPSS 1.0%CVE-2023-6976HIGHUnrestricted Upload of File with Dangerous TypeEPSS 1.0%CVE-2023-33386CRITICALMarsCTF 1.2.1 has an arbitrary file upload vulnerability in the interface for uploading attachments in the background.EPSS 1.0%CVE-2022-42034HIGHWedding Planner v1.0 is vulnerable to arbitrary code execution via users_profile.php.EPSS 1.0%CVE-2025-44658CRITICALIn Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .phpEPSS 1.0%CVE-2024-6707HIGHOpen WebUI Arbitrary File Upload + Path TraversalEPSS 1.0%CVE-2023-39463HIGHTriangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution VulnerabilityEPSS 1.0%CVE-2024-7257CRITICALYayExtra – WooCommerce Extra Product Options <= 1.3.7 - Unauthenticated Arbitrary File Upload via handle_upload_file FunctionEPSS 1.0%CVE-2024-24202CRITICALAn arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 alEPSS 1.0%CVE-2024-0916CRITICALUnauthenticated Remote Code Execution in UvDesk CommunityEPSS 1.0%CVE-2025-25784CRITICALAn arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2.5.4 allows attackers to execute arbitrary cEPSS 1.0%CVE-2022-44054CRITICALThe d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code exeEPSS 1.0%CVE-2022-42229HIGHWedding Planner v1.0 is vulnerable to Arbitrary code execution via package_edit.php.EPSS 1.0%CVE-2024-10901CRITICALArbitrary File Write via DuckDB SQL Injection in eosphoros-ai/db-gptEPSS 1.0%