Fallos del tipo CWE-434

2804 resultados
CVE-2024-51499HIGHMarkUs Arbitrary File Write leading up to remote code execution (student accounts)EPSS 0.7%CVE-2020-8974CRITICALZGR TPS200 NG Missing Reference to Active Allocated ResourceEPSS 0.7%CVE-2023-41725HIGHIvanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation VulnerabilityEPSS 0.7%CVE-2025-0731MEDIUMSMA: Sunny Portal Remote Code ExecutionEPSS 0.7%CVE-2025-13646HIGHModula 2.13.1 - 2.13.2 - Authenticated (Author+) Arbitrary File Upload via Race ConditionEPSS 0.7%CVE-2023-2888MEDIUMPHPOK unrestricted uploadEPSS 0.7%CVE-2024-2531MEDIUMMAGESH-K21 Online-College-Event-Hall-Reservation-System update-rooms.php unrestricted uploadEPSS 0.7%CVE-2024-4306CRITICALUnrestricted Upload of File with Dangerous Type vulnerability in HubBankEPSS 0.7%CVE-2024-24026CRITICALAn arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions at com.java2nb.system.controller.SysUserControllerEPSS 0.7%CVE-2022-2678MEDIUMSourceCodester Alphaware Simple E-Commerce System Background Management Page admin_feature.php unrestricted uploadEPSS 0.7%CVE-2022-2694MEDIUMSourceCodester Company Website CMS unrestricted uploadEPSS 0.7%CVE-2022-2909MEDIUMSourceCodester Simple and Nice Shopping Cart Script profile.php unrestricted uploadEPSS 0.7%CVE-2024-24550HIGHBludit - Remote Code Execution (RCE) through File APIEPSS 0.7%CVE-2022-41217CRITICALCloudflow - Unauthenticated file upload vulnerabilityEPSS 0.7%CVE-2023-5812MEDIUMflusity CMS upload.php handleFileUpload unrestricted uploadEPSS 0.7%CVE-2026-40488HIGHOpenMage LTS has Customer File Upload Extension Blocklist Bypass that Leads to Remote Code ExecutionEPSS 0.7%CVE-2024-10120MEDIUMwfh45678 Radar upload unrestricted uploadEPSS 0.7%CVE-2025-6002HIGHVirtueMart - Unrestricted File UploadEPSS 0.7%CVE-2024-56897CRITICALImproper access control in the HTTP server in YI Car Dashcam v3.88 allows unrestricted file downloads, uploads, and API commands. API commanEPSS 0.7%CVE-2023-47784HIGHWordPress Slider Revolution Plugin <= 6.6.15 is vulnerable to Arbitrary File UploadEPSS 0.7%