Weaknesses of type CWE-434
2,800 resultsCVE-2023-1391MEDIUMSourceCodester Online Tours & Travels Management System ab.php unrestricted uploadEPSS 0.7%CVE-2025-58745CRITICALWeGIA has a bypass for the fix for CVE-2025-22133 - Arbitrary File Upload leads to Remote Code Execution (RCE)EPSS 0.7%CVE-2024-10993MEDIUMCodezips Online Institute Management System manage_website.php unrestricted uploadEPSS 0.7%CVE-2022-42029HIGHChamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows authenticated users with access to 'big fileEPSS 0.7%CVE-2023-24507HIGHAgilePoint NX v8.0 SU2.2 & SU2.3 – Insecure File UploadEPSS 0.7%CVE-2023-32757CRITICALe-Excellence U-Office Force - Arbitrary File UploadEPSS 0.7%CVE-2024-52769HIGHAn arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code EPSS 0.7%CVE-2022-45427HIGHSome Dahua software products have a vulnerability of unrestricted upload of file. After obtaining the permissions of administrators, by sendEPSS 0.7%CVE-2023-37289CRITICALInfoDoc Document On-line Submission and Approval System - Arbitrary File UploadEPSS 0.7%CVE-2025-12674CRITICALKiotViet Sync <= 1.8.5 - Unauthenticated Arbitrary File UploadEPSS 0.7%CVE-2025-11170CRITICALWP移行専用プラグイン for CPI <= 1.0.2 - Unauthenticated Arbitrary File UploadEPSS 0.7%CVE-2024-12953MEDIUM1000 Projects Portfolio Management System MCA update_pd_process.php unrestricted uploadEPSS 0.7%CVE-2026-22766HIGHDell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privEPSS 0.7%CVE-2024-12954MEDIUM1000 Projects Portfolio Management System MCA update_ach.php unrestricted uploadEPSS 0.7%CVE-2024-8089MEDIUMSourceCodester E-Commerce System controller.php unrestricted uploadEPSS 0.7%CVE-2025-1028HIGHContact Manager <= 8.6.4 - Unauthenticated Arbitrary Double File Extension UploadEPSS 0.7%CVE-2024-7943MEDIUMitsourcecode Laravel Property Management System PropertiesController.php upload unrestricted uploadEPSS 0.7%CVE-2020-7302MEDIUMDLP ePO extension - Unrestricted Upload of File with Dangerous TypeEPSS 0.7%CVE-2025-6553CRITICALOvatheme Events Manager <= 1.8.5 - Unauthenticated Arbitrary File UploadEPSS 0.7%CVE-2024-51499HIGHMarkUs Arbitrary File Write leading up to remote code execution (student accounts)EPSS 0.7%