Fallos del tipo CWE-73
466 resultadosCVE-2023-36019CRITICALMicrosoft Power Platform Connector Spoofing VulnerabilityEPSS 16.2%CVE-2026-44127HIGHLocal File Inclusion (LFI) and Arbitrary File DeletionEPSS 15.7%CVE-2025-0105MEDIUMExpedition: Arbitrary File Deletion VulnerabilityEPSS 13.0%CVE-2026-21249LOWWindows NTLM Spoofing VulnerabilityEPSS 11.4%CVE-2025-6463HIGHForminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.44.2 - Unauthenticated Arbitrary File Deletion Triggered via Administrator Form Submission DeletionEPSS 10.5%CVE-2022-24900CRITICALAbsolute Path Traversal due to incorrect use of `send_file` call in Piano LED VisualizerEPSS 8.0%CVE-2023-30943MEDIUMMoodle: tinymce loaders susceptible to arbitrary folder creationEPSS 6.6%CVE-2021-24966—Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File ClearingEPSS 5.2%CVE-2020-1631HIGHOut of Cycle Security Advisory: Junos OS: Security vulnerability in J-Web and web based (HTTP/HTTPS) servicesEPSS 4.7%KEVCVE-2022-0246—iQ Block Country < 1.2.13 - Admin+ Arbitrary File Deletion via Zip SlipEPSS 3.4%CVE-2023-39542HIGHA code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356. A specially crafted malformed file can creaEPSS 3.3%CVE-2026-33476HIGHSiYuan has an Unauthenticated Arbitrary File Read via Path TraversalEPSS 3.3%CVE-2025-68478HIGHLangflow Vulnerable to External Control of File Name or PathEPSS 3.3%CVE-2023-29324MEDIUMWindows MSHTML Platform Security Feature Bypass VulnerabilityEPSS 2.8%CVE-2020-2008HIGHPAN-OS: OS command injection or arbitrary file deletion vulnerabilityEPSS 2.8%CVE-2023-35985HIGHAn arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to propEPSS 2.7%CVE-2022-2431HIGHDownload Manager <= 3.2.50 - Authenticated (Contributor+) Arbitrary File DeletionEPSS 2.5%CVE-2022-32761MEDIUMAn information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7cEPSS 2.4%CVE-2014-2375—Ecava IntegraXor SCADA Server External Control of File Name or PathEPSS 2.3%CVE-2022-28710MEDIUMAn information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A speciallEPSS 2.3%