Fallos del tipo CWE-434
2814 resultadosCVE-2026-40262HIGHNote Mark has Stored XSS via Unrestricted Asset UploadEPSS 0.3%CVE-2026-0577MEDIUMcode-projects Online Product Reservation System prod.php unrestricted uploadEPSS 0.3%CVE-2026-4220MEDIUMTechnologies Integrated Management Platform SetWebpagePic.jsp unrestricted uploadEPSS 0.3%CVE-2025-6848MEDIUMcode-projects Simple Forum forum1.php unrestricted uploadEPSS 0.3%CVE-2025-8128MEDIUMzhousg letao product.js unrestricted uploadEPSS 0.3%CVE-2025-53213CRITICALWordPress ReachShip WooCommerce Multi-Carrier & Conditional Shipping <= 4.3.1 - Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2026-3187MEDIUMfeiyuchuixue sz-boot-parent API Endpoint upload unrestricted uploadEPSS 0.3%CVE-2025-53251CRITICALWordPress Pin WP theme < 7.2 - Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2024-51991LOWOctober CMS Allows Unprotected SVG Rename in Media ManagerEPSS 0.3%CVE-2025-27714MEDIUMINFINITT Healthcare INFINITT PACS Unrestricted Upload of File with Dangerous TypeEPSS 0.3%CVE-2026-34735HIGHHytale Modding Vulnerable to Remote Code Execution via File Upload Bypass in `FileController`EPSS 0.3%CVE-2025-0645HIGHArbitrary File Upload in Narkom Communication Technologies' Pyxis SignageEPSS 0.3%CVE-2026-34027MEDIUMUpload restriction bypass in Wertheim SafeController Software allows authenticated users to upload arbitrary filesEPSS 0.3%CVE-2025-11320MEDIUMzhuimengshaonian wisdom-education UploadController.java uploadFile unrestricted uploadEPSS 0.3%CVE-2026-0566MEDIUMcode-projects Content Management System edit_posts.php unrestricted uploadEPSS 0.3%CVE-2025-14938MEDIUMListeo-Core - Directory Plugin by Purethemes <= 2.0.27 - Unauthenticated Arbitrary Media UploadEPSS 0.3%CVE-2025-13573MEDIUMprojectworlds can pass malicious payloads add_book.php unrestricted uploadEPSS 0.3%CVE-2025-7906MEDIUMyangzongzhuan RuoYi CommonController.java uploadFile unrestricted uploadEPSS 0.3%CVE-2025-14842MEDIUMDrag and Drop Multiple File Upload – Contact Form 7 <= 1.3.9.2 - Unauthenticated Limited Arbitrary File UploadEPSS 0.3%CVE-2025-7864MEDIUMthinkgem JeeSite FileUploadController.java upload unrestricted uploadEPSS 0.3%