Weaknesses of type CWE-434

2,804 results
CVE-2024-49611CRITICALWordPress Product Website Showcase plugin <= 1.0 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-11675HIGHRagic|Enterprise Cloud Database - Arbitrary File UploadEPSS 0.5%CVE-2023-39307HIGHWordPress Avada theme <= 7.11.1 - Authenticated Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2022-0912MEDIUMUnrestricted Upload of File with Dangerous Type in microweber/microweberEPSS 0.5%CVE-2025-51056HIGHAn unrestricted file upload vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to write to arbitrary filesystEPSS 0.5%CVE-2024-10766MEDIUMCodezips Free Exam Hall Seating Management System save_user.php unrestricted uploadEPSS 0.5%CVE-2024-51790CRITICALWordPress HB AUDIO GALLERY plugin <= 3.0 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2023-45724HIGHUnauthenticated File Upload affects DRYiCE MyXalyticsEPSS 0.5%CVE-2024-52476CRITICALWordPress Fediverse Embeds plugin <= 1.5.3 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-33006CRITICALFile upload vulnerability in SAP NetWeaver Application Server ABAP and ABAP PlatformEPSS 0.5%CVE-2025-10049HIGHResponsive Filterable Portfolio <= 1.0.24 - Authenticated (Admin+) Arbitrary File UploadEPSS 0.5%CVE-2025-60947HIGHCensus CSWeb arbitrary file uploadEPSS 0.5%CVE-2025-10001HIGHImport any XML, CSV or Excel File to WordPress <= 3.9.3 - Authenticated (Admin+) Limited Unsafe File UploadEPSS 0.5%CVE-2024-22152HIGHWordPress Product Import Export for WooCommerce Plugin <= 2.3.7 is vulnerable to Arbitrary File UploadEPSS 0.5%CVE-2024-48646HIGHAn Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized users to upload files without proper validatioEPSS 0.5%CVE-2025-67968CRITICALWordPress Real Homes CRM plugin <= 1.0.0 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-22135HIGHWordPress Order Export & Order Import for WooCommerce Plugin <= 2.4.3 is vulnerable to Arbitrary File UploadEPSS 0.5%CVE-2025-6423HIGHBeeTeam368 Extensions <= 2.3.5 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.5%CVE-2024-31453MEDIUMPsiTransfer vulnerable to violation of the integrity of file distributionEPSS 0.5%CVE-2024-31454MEDIUMPsiTransfer file integrity violation vulnerabilityEPSS 0.5%