Weaknesses of type CWE-434
2,799 resultsCVE-2024-50510CRITICALWordPress AR For Woocommerce plugin <= 6.3 - Arbitrary File Upload vulnerabilityEPSS 1.0%CVE-2022-44050CRITICALThe d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential cEPSS 1.0%CVE-2022-44052CRITICALThe d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code eEPSS 1.0%CVE-2023-51925CRITICALAn arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 alloEPSS 1.0%CVE-2023-1721CRITICALYoga Class Registration System 1.0 - RCEEPSS 1.0%CVE-2023-51928CRITICALAn arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 alloEPSS 1.0%CVE-2023-51924CRITICALAn arbitrary file upload vulnerability in the uap.framework.rc.itf.IResourceManager interface of YonBIP v3_23.05 allows attackers to executeEPSS 1.0%CVE-2013-10047CRITICALMiniWeb <= Build 300 Arbitrary File UploadEPSS 1.0%CVE-2026-23636MEDIUMKiteworks Secure Data Forms is vulnerable to an Unrestricted Upload of File with Dangerous TypeEPSS 1.0%CVE-2023-1313HIGHUnrestricted Upload of File with Dangerous Type in cockpit-hq/cockpitEPSS 1.0%CVE-2013-10067CRITICALGlossword 1.8.8 - 1.8.12 Arbitrary File Upload RCEEPSS 1.0%CVE-2025-7847HIGHAI Engine 2.9.3 - 2.9.4 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.0%CVE-2025-25790CRITICALAn arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS v1.2.5 allows attackers to execute arbitraryEPSS 1.0%CVE-2023-29627HIGHOnline Pizza Ordering v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary codeEPSS 1.0%CVE-2023-29621HIGHPurchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary EPSS 1.0%CVE-2026-1555CRITICALWebStack <= 1.2024 - Unauthenticated Arbitrary File UploadEPSS 1.0%CVE-2022-50912CRITICALImpressCMS 1.4.4 - Unrestricted File UploadEPSS 1.0%CVE-2023-30122CRITICALAn arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows attackerEPSS 1.0%CVE-2024-3483HIGHRemote Code Execution vulnerability in the iManagerEPSS 1.0%CVE-2023-42286CRITICALThere is a PHP file inclusion vulnerability in the template configuration of eyoucms v1.6.4, allowing attackers to execute code or system coEPSS 1.0%