Weaknesses of type CWE-434
2,800 resultsCVE-2024-10801CRITICALWordPress User Extra Fields <= 16.5 - Unauthenticated Arbitrary File UploadEPSS 0.8%CVE-2024-10627CRITICALWooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File UploadEPSS 0.8%CVE-2024-10547CRITICALWP Membership <= 1.6.2 - Unauthenticated Arbitrary File UploadEPSS 0.8%CVE-2024-8615CRITICALWP JobSearch <= 2.6.7 - Unauthenticated Arbitrary File UploadEPSS 0.8%CVE-2023-30266HIGHCLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type.EPSS 0.8%CVE-2022-46839CRITICALWordPress JS Help Desk – Best Help Desk & Support Plugin Plugin <= 2.7.1 is vulnerable to Arbitrary File UploadEPSS 0.8%CVE-2024-42563CRITICALAn arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file.EPSS 0.8%CVE-2024-34411CRITICALWordPress canvasio3D Light plugin <= 2.5.0 - Arbitrary File Upload vulnerabilityEPSS 0.8%CVE-2023-39377HIGH SiberianCMS - CWE-434: Unrestricted Upload of File with Dangerous Type - A malicious user with administrative privileges may be able to upload a dangerous filetype via an unspecified methodEPSS 0.8%CVE-2023-4159CRITICALUnrestricted Upload of File with Dangerous Type in omeka/omeka-sEPSS 0.8%CVE-2024-34440CRITICALWordPress AI Engine plugin <= 2.2.63 - Auth. Arbitrary File Upload vulnerabilityEPSS 0.8%CVE-2023-2419MEDIUMZhong Bang CRMEB SystemAttachmentServices.php videoUpload unrestricted uploadEPSS 0.8%CVE-2024-2754MEDIUMSourceCodester Complete E-Commerce Site users_photo.php unrestricted uploadEPSS 0.8%CVE-2023-5277MEDIUMSourceCodester Engineers Online Portal student_avatar.php unrestricted uploadEPSS 0.8%CVE-2024-34416CRITICALWordPress Pk Favicon Manager plugin <= 2.1 - Arbitrary File Upload vulnerabilityEPSS 0.8%CVE-2022-36452CRITICALA vulnerability in the web conferencing component of Mitel MiCollab through 9.5.0.101 could allow an unauthenticated attacker to upload maliEPSS 0.8%CVE-2025-1355MEDIUMneedyamin Library Card System Add Picture signup.php unrestricted uploadEPSS 0.8%CVE-2022-43979MEDIUMPath Traversal leading to Local File InclusionEPSS 0.8%CVE-2024-58279HIGHappRain CMF 4.0.5 Authenticated Remote Code Execution via Filemanager UploadEPSS 0.8%CVE-2023-3032HIGHMobatime web application - Arbitrary file upload (RCE)EPSS 0.8%