Fallos del tipo CWE-646
10 resultadosCVE-2021-34639HIGHWordPress Download Manager <= 3.1.24 Authenticated Arbitrary File UploadEPSS 0.6%CVE-2024-52052CRITICALStream Target Remote Code Execution in Wowza Streaming EngineEPSS 0.5%CVE-2025-1889MEDIUMpicklescan - Security scanning bypass via non-standard file extensionsEPSS 0.4%CVE-2025-58449HIGHMaho Vulnerable to Authenticated Remote Code Execution via File UploadEPSS 0.3%CVE-2023-45599MEDIUMA CWE-646 “Reliance on File Name or Extension of Externally-Supplied File” vulnerability in the “iec61850” functionality of the web applicatEPSS 0.2%CVE-2026-45315HIGHOpen WebUI: Stored XSS via attacker-controlled file extension in /api/v1/audio/transcriptionsEPSS 0.2%CVE-2024-38432MEDIUMMatrix – Tafnit v8 CWE-646: Reliance on File Name or Extension of Externally-Supplied FileEPSS 0.2%CVE-2025-41720MEDIUMSauter: Arbitrary File UploadEPSS 0.2%CVE-2026-20172MEDIUMCisco Enterprise Chat and Email Lite Agent File Upload VulnerabilityEPSS 0.1%CVE-2025-30662MEDIUMZoom Workplace VDI Plugin macOS Universal Installer - Symlink FollowingEPSS 0.1%