Weaknesses of type CWE-434
2,804 resultsCVE-2024-24000CRITICALjshERP v3.3 is vulnerable to Arbitrary File Upload. The jshERP-boot/systemConfig/upload interface does not check the uploaded file type, andEPSS 0.6%CVE-2026-33647HIGHAVideo Vulnerable to Remote Code Execution via MIME/Extension Mismatch in ImageGallery File UploadEPSS 0.6%CVE-2023-32689MEDIUMParse Server vulnerable to phishing attack vulnerability that involves uploading malicious HTML fileEPSS 0.6%CVE-2025-46612HIGHThe Panel Designer dashboard in Airleader Master and Easy before 6.36 allows remote attackers to execute arbitrary commands via a wizard/worEPSS 0.6%CVE-2023-5262MEDIUMOpenRapid RapidCMS uploadicon.php isImg unrestricted uploadEPSS 0.6%CVE-2025-23953CRITICALWordPress user files plugin <= 2.4.2 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2024-7910MEDIUMCodeAstro Online Railway Reservation System Profile Photo Update emp-profile-avatar.php unrestricted uploadEPSS 0.6%CVE-2021-4455CRITICALWordpress Plugin Smart Product Review <= 1.0.4 - Unauthenticated Arbitrary File UploadEPSS 0.6%CVE-2025-4391CRITICALEcho RSS Feed Post Generator <= 5.4.8.1 - Unauthenticated Arbitrary File UploadEPSS 0.6%CVE-2024-1261MEDIUMJuanpao JPShop API ComboController.php actionIndex unrestricted uploadEPSS 0.6%CVE-2026-1021CRITICALGotac|Police Statistics Database System - Arbitrary File UploadEPSS 0.6%CVE-2023-40183HIGHDataEase has a vulnerability to obtain user cookiesEPSS 0.6%CVE-2023-7150MEDIUMCampcodes Chic Beauty Salon Product product-list.php unrestricted uploadEPSS 0.6%CVE-2025-4556CRITICALZONG YU Okcat Parking Management Platform - Arbitrary File UploadEPSS 0.6%CVE-2024-1113MEDIUMopenBI Unity.php uploadUnity unrestricted uploadEPSS 0.6%CVE-2025-10051HIGHDemo Import Kit <= 1.1.0 - Authenticated (Admin+) Arbitrary File UploadEPSS 0.6%CVE-2024-6958MEDIUMitsourcecode University Management System Avatar File st_update.php unrestricted uploadEPSS 0.6%CVE-2025-10754HIGHDocoDoco Store Locator <= 1.0.1 - Authenticated (Editor+) Arbitrary File UploadEPSS 0.6%CVE-2022-47186HIGHUnrestricted Upload of File vulnerability in Generex CS141EPSS 0.6%CVE-2024-54370CRITICALWordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.0 - Arbitrary File Upload vulnerabilityEPSS 0.6%