Fallos del tipo CWE-434
2813 resultadosCVE-2025-7898MEDIUMCodecanyon iDentSoft Account Setting Page updateSetting unrestricted uploadEPSS 0.4%CVE-2025-2687MEDIUMPHPGurukul eLearning System Image index.php unrestricted uploadEPSS 0.4%CVE-2026-56414HIGHH.VIEW HV-500S6 IP Camera Unrestricted Upload of File with Dangerous TypeEPSS 0.4%CVE-2025-0399MEDIUMStarSea99 starsea-mall uploadController.java UploadController unrestricted uploadEPSS 0.4%CVE-2025-67289CRITICALAn arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code viaEPSS 0.4%CVE-2025-4923MEDIUMSourceCodester Client Database Management System user_delivery_update.php unrestricted uploadEPSS 0.4%CVE-2024-44599HIGHFNT Command 13.4.0 is vulnerable to Directory Traversal.EPSS 0.4%CVE-2024-57407HIGHAn arbitrary file upload vulnerability in the component /userPicture of Timo v2.0.3 allows attackers to execute arbitrary code via uploadingEPSS 0.4%CVE-2026-25201HIGHAn unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server.
This issue EPSS 0.4%CVE-2025-63678LOWAn authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attEPSS 0.4%CVE-2025-65875HIGHAn arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via upEPSS 0.4%CVE-2025-7755MEDIUMcode-projects Online Ordering System edit_product.php unrestricted uploadEPSS 0.4%CVE-2025-67260HIGHThe Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may aEPSS 0.4%CVE-2025-7181MEDIUMcode-projects Staff Audit System test.php unrestricted uploadEPSS 0.4%CVE-2025-3566MEDIUMveal98 小牛肉 Echo 开源社区系统 uploadMdPic unrestricted uploadEPSS 0.4%CVE-2025-8256MEDIUMcode-projects Online Ordering System product.php unrestricted uploadEPSS 0.4%CVE-2025-63994CRITICALAn arbitrary file upload vulnerability in the /php/UploadHandler.php component of RichFilemanager v2.7.6 allows attackers to execute arbitraEPSS 0.4%CVE-2026-33717HIGHAVideo Vulnerable to Remote Code Execution via Persistent PHP Temp File in Encoder downloadURL with Resolution Validation AbortEPSS 0.4%CVE-2025-8504MEDIUMcode-projects Kitchen Treasure userregistration.php unrestricted uploadEPSS 0.4%CVE-2024-10668MEDIUMAuth Bypass in QuickshareEPSS 0.4%