Falhas do tipo CWE-434
2.814 resultadosCVE-2024-8918HIGHFile Manager Pro <= 8.3.9 - Unauthenticated Limited JavaScript File UploadEPSS 0.3%CVE-2025-61768MEDIUMKuno CMS Vulnerable to Server-Side Request Forgery (SSRF) via Unsafe SVG UploadEPSS 0.3%CVE-2025-10480MEDIUMSourceCodester Online Student File Management System save_file.php unrestricted uploadEPSS 0.3%CVE-2024-47423HIGHAdobe Framemaker | Unrestricted Upload of File with Dangerous Type (CWE-434)EPSS 0.3%CVE-2023-5524HIGHM-Files Web Companion allows Remote Code Execution for some filetypesEPSS 0.3%CVE-2025-7413MEDIUMcode-projects Library System profile.php unrestricted uploadEPSS 0.3%CVE-2024-49676MEDIUMWordPress Custom Icons for Elementor plugin <= 0.3.3 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-6667MEDIUMcode-projects Car Rental System add_cars.php unrestricted uploadEPSS 0.3%CVE-2024-53811MEDIUMWordPress WDesignKit plugin <= 1.0.40 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-31577MEDIUMWordPress Appointify plugin <= 1.0.8 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-13411MEDIUMCampcodes Retro Basketball Shoes Online Store admin_football.php unrestricted uploadEPSS 0.3%CVE-2025-7190MEDIUMcode-projects Library Management System student_edit_photo.php unrestricted uploadEPSS 0.3%CVE-2025-7412MEDIUMcode-projects Library System profile.php unrestricted uploadEPSS 0.3%CVE-2026-1791LOWArbitrary File Upload Vulnerability in Operation and Maintenance Security GatewayEPSS 0.3%CVE-2026-0547MEDIUMPHPGurukul Online Course Registration Student Registration edit-student-profile.php unrestricted uploadEPSS 0.3%CVE-2025-9099MEDIUMAcrel Environmental Monitoring Cloud Platform UploadNewsImg unrestricted uploadEPSS 0.3%CVE-2026-46489HIGHSolidInvoice: Unrestricted file upload with no MIME validation allows stored XSS via malicious SVG logoEPSS 0.3%CVE-2026-40548MEDIUMUnrestricted Upload of File with Dangerous Type in SOPlanningEPSS 0.3%CVE-2024-45965MEDIUMContao before 5.5.6 allows XSS via an SVG document. This affects (in contao/core-bundle in Composer) 4.x before 4.13.54, 5.0.x through 5.3.xEPSS 0.3%CVE-2026-40262HIGHNote Mark has Stored XSS via Unrestricted Asset UploadEPSS 0.3%