Weaknesses of type CWE-434
2,804 resultsCVE-2024-48202CRITICALicecms <=3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile.EPSS 0.6%CVE-2025-10747HIGHWP-DownloadManager <= 1.68.11 - Authenticated (Admin+) Arbitrary File UploadEPSS 0.6%CVE-2025-5061HIGHWP Import Export Lite <= 3.9.29 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.6%CVE-2024-2406MEDIUMGacjie Server Upload.php index unrestricted uploadEPSS 0.6%CVE-2024-4904MEDIUMByzoro Smart S200 Management Platform userattestation.php unrestricted uploadEPSS 0.6%CVE-2024-7192MEDIUMitsourcecode Society Management System student.php unrestricted uploadEPSS 0.6%CVE-2025-4279HIGHExternal image replace <= 1.0.8 - Authenticated (Contributor+) Arbitrary File UploadEPSS 0.6%CVE-2022-0499—Sermon Browser <= 0.45.22 - Arbitrary File Upload via CSRFEPSS 0.6%CVE-2024-52677CRITICALHkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common/library/Upload.php.EPSS 0.6%CVE-2024-5734MEDIUMitsourcecode Online Discussion Forum poster.php unrestricted uploadEPSS 0.6%CVE-2021-47943HIGHTextPattern CMS 4.8.7 Remote Code Execution via File UploadEPSS 0.6%CVE-2023-51473CRITICALWordPress TerraClassifieds Plugin <= 2.0.3 is vulnerable to Arbitrary File UploadEPSS 0.6%CVE-2023-51411CRITICALWordPress Frontend Admin by DynamiApps Plugin <= 3.18.3 is vulnerable to Arbitrary File UploadEPSS 0.6%CVE-2025-47787HIGHEmlog Pro Contains a File Upload VulnerabilityEPSS 0.6%CVE-2025-24650CRITICALWordPress Tourfic plugin <= 2.15.3 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2025-2891HIGHWP Pro Real Estate 7 <= 3.5.4 - Authenticated (Custom) Arbitrary File UploadEPSS 0.6%CVE-2021-47904HIGHPhreeBooks 5.2.3 - Remote Code ExecutionEPSS 0.6%CVE-2025-9515HIGHMulti Step Form <= 1.7.25 - Authenticated (Admin+) Arbitrary File UploadEPSS 0.6%CVE-2024-2058MEDIUMSourceCodester Petrol Pump Management Software product.php unrestricted uploadEPSS 0.6%CVE-2025-2219MEDIUMLoveCards LoveCardsV2 image unrestricted uploadEPSS 0.6%