Weaknesses of type CWE-434
2,804 resultsCVE-2025-5831HIGHDroip < 2.5.2 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.6%CVE-2025-23918CRITICALWordPress Smallerik File Browser plugin <= 1.1 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2023-28170CRITICALWordPress Theme Demo Import Plugin <= 1.1.1 is vulnerable to Arbitrary File UploadEPSS 0.6%CVE-2026-22799CRITICALemlog Arbitrary File Upload VulnerabilityEPSS 0.6%CVE-2025-5322HIGHVikRentCar Car Rental Management System <= 1.4.3 - Authenticated (Administrator+) Arbitrary File UploadEPSS 0.6%CVE-2024-9985CRITICALRagic Enterprise Cloud Database - Arbitrary File UploadEPSS 0.6%CVE-2022-0950MEDIUMUnrestricted Upload of File with Dangerous Type in star7th/showdocEPSS 0.6%CVE-2024-7450MEDIUMitsourcecode Placement Management System Image resume_upload.php unrestricted uploadEPSS 0.6%CVE-2024-53863HIGHSynapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decodersEPSS 0.6%CVE-2024-31280CRITICALWordPress Church Admin plugin <= 4.1.5 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2026-6249HIGHVvveb CMS 1.0.8.2 Remote Code Execution via Media UploadEPSS 0.6%CVE-2024-5043MEDIUMEmlog Pro setting.php unrestricted uploadEPSS 0.6%CVE-2025-13329CRITICALFile Uploader for WooCommerce <= 1.0.3 - Unauthenticated Arbitrary File Upload via add-image-dataEPSS 0.6%CVE-2024-2599CRITICALUnrestricted Upload of File with Dangerous Type vulnerability in AMSS++EPSS 0.6%CVE-2023-39539HIGHFailure when uploading a Logo image fileEPSS 0.6%CVE-2023-1734HIGHSourceCodester Young Entrepreneur E-Negosyo System unrestricted uploadEPSS 0.6%CVE-2025-2396HIGHe-Excellence U-Office Force - Arbitrary File UploadEPSS 0.6%CVE-2023-4817HIGHUnrestricted file upload vulnerability in ICP DAS ET-7060EPSS 0.6%CVE-2025-34328CRITICALAudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated File Upload RCE via ajaxScript.phpEPSS 0.6%CVE-2026-33071MEDIUMFileRise: WebDAV upload path bypasses filename validation enforced by regular uploadsEPSS 0.6%