Fallos del tipo CWE-434

2804 resultados
CVE-2025-52353CRITICALAn arbitrary code execution vulnerability in Badaso CMS 2.9.11. The Media Manager allows authenticated users to upload files containing embeEPSS 0.6%CVE-2026-6933HIGHPremmerce Dev Tools <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Remote Code Execution via Plugin CreationEPSS 0.6%CVE-2023-2063MEDIUMInformation disclosure, tampering, deletion and destruction vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP ModulesEPSS 0.6%CVE-2024-1921MEDIUMosuuu LightPicture Setup.php unrestricted uploadEPSS 0.6%CVE-2025-46193CRITICALSourceCodester Client Database Management System 1.0 is vulnerable to Remote code execution via Arbitrary file upload in user_proposal_updatEPSS 0.6%CVE-2024-3117MEDIUMYouDianCMS ChannelAction.class.php unrestricted uploadEPSS 0.6%CVE-2024-48093HIGHUnrestricted File Upload in the Discussions tab in Operately v.0.1.0 allows a privileged user to achieve Remote Code Execution via uploadingEPSS 0.6%CVE-2024-27964HIGHWordPress Zippy plugin <= 1.6.9 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2023-51410CRITICALWordPress WP Mail Log Plugin <= 1.1.2 is vulnerable to Arbitrary File UploadEPSS 0.6%CVE-2023-51417CRITICALWordPress JVM rich text icons Plugin <= 1.2.3 is vulnerable to Arbitrary File UploadEPSS 0.6%CVE-2025-39436CRITICALWordPress I Draw <= 1.0 - Arbitrary File Upload VulnerabilityEPSS 0.6%CVE-2025-26776CRITICALWordPress Chaty Pro Plugin <= 3.3.3 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2024-2565MEDIUMPandaXGO PandaX File Extension upload.go unrestricted uploadEPSS 0.6%CVE-2025-12138HIGHURL Image Importer <= 1.0.6 - Authenticated (Author+) Arbitrary File UploadEPSS 0.6%CVE-2024-24714HIGHWordPress Icons Font Loader Plugin <= 1.1.4 is vulnerable to Arbitrary File UploadEPSS 0.6%CVE-2023-6090CRITICALWordPress Mollie Payments for WooCommerce Plugin <= 7.3.11 is vulnerable to Arbitrary File UploadEPSS 0.6%CVE-2023-47842CRITICALWordPress CataBlog plugin <= 1.7.0 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2024-31292HIGHWordPress Import XML and RSS Feeds plugin <= 2.1.5 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2023-47846CRITICALWordPress WP Githuber MD plugin <= 1.16.2 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2023-6091HIGHWordPress Theme Editor plugin <= 2.7.1 - Arbitrary File Upload vulnerabilityEPSS 0.6%