Weaknesses of type CWE-434
2,799 resultsCVE-2023-7181MEDIUMMuyun DedeBIZ Add Attachment unrestricted uploadEPSS 0.8%CVE-2021-47758HIGHChikitsa Patient Management System 2.0.2 - Remote Code Execution (RCE) (Authenticated)EPSS 0.8%CVE-2024-58348CRITICALWordPress Background Image Cropper 1.2 Remote Code ExecutionEPSS 0.8%CVE-2024-13981CRITICALLiveBos UploadFile.do Arbitrary File UploadEPSS 0.8%CVE-2023-3626MEDIUMSuncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System UpLoadFloodPlanFile UpLoadFloodPlanFile.ashx unrestricted uploadEPSS 0.8%CVE-2023-3625MEDIUMSuncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System Duty Write-UploadFile UploadFile.ashx unrestricted uploadEPSS 0.8%CVE-2023-3692MEDIUMUnrestricted Upload of File with Dangerous Type in admidio/admidioEPSS 0.8%CVE-2026-38526CRITICALAn authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x allows attackers to eEPSS 0.8%CVE-2021-37194—A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 onlEPSS 0.8%CVE-2024-2148MEDIUMSourceCodester Online Mobile Management Store Users.php unrestricted uploadEPSS 0.8%CVE-2023-3802MEDIUMChengdu Flash Flood Disaster Monitoring and Warning System Ajaxfileupload.ashx unrestricted uploadEPSS 0.8%CVE-2025-67325CRITICALUnrestricted file upload in the hotel review feature in QloApps versions 1.7.0 and earlier allows remote unauthenticated attackers to achievEPSS 0.8%CVE-2023-5284MEDIUMSourceCodester Engineers Online Portal upload_save_student.php unrestricted uploadEPSS 0.8%CVE-2025-70457CRITICALA Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. EPSS 0.8%CVE-2022-50893CRITICALVIAVIWEB Wallpaper Admin 1.0 - Code Execution via Image UploadEPSS 0.8%CVE-2023-7061HIGHAdvanced File Manager Shortcode <= 2.5.3 - Authenticated (Contributor+) Arbitrary File UploadEPSS 0.8%CVE-2024-28147HIGHUnrestricted Upload of Files in edu-sharingEPSS 0.8%CVE-2023-22450HIGH
In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to upload an AEPSS 0.8%CVE-2024-4920MEDIUMSourceCodester Online Discussion Forum Site registerH.php unrestricted uploadEPSS 0.8%CVE-2024-10627CRITICALWooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File UploadEPSS 0.8%