Falhas do tipo CWE-434
2.793 resultadosCVE-2020-36701HIGHPage Builder: KingComposer < 2.9.4 - Arbitrary File UploadEPSS 1.5%CVE-2025-34111CRITICALTiki Wiki <= 15.1 ELFinder Unauthenticated File Upload RCEEPSS 1.5%CVE-2014-125126CRITICALSimple E-Document Arbitrary File Upload RCEEPSS 1.5%CVE-2023-45554CRITICALFile Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter frEPSS 1.5%CVE-2023-31857CRITICALSourcecodester Online Computer and Laptop Store 1.0 allows unrestricted file upload and can lead to remote code execution. The vulnerabilityEPSS 1.5%CVE-2024-7772CRITICALJupiter X Core <= 4.6.5 - Unauthenticated Arbitrary File UploadEPSS 1.5%CVE-2021-4330HIGHEnvato Elements <= 2.0.10 & Template Kit <= 1.0.13 - Authenticated (Contributor+) Arbitrary File UploadEPSS 1.5%CVE-2012-10036CRITICALProject Pier <= 0.8.8 Arbitrary File Upload RCEEPSS 1.5%CVE-2024-13365CRITICALSecurity & Malware scan by CleanTalk <= 2.149 - Unauthenticated Arbitrary File UploadEPSS 1.5%CVE-2023-4122CRITICALStudent Information System v1.0 - Insecure File UploadEPSS 1.5%CVE-2024-1311HIGHBrizy – Page Builder <= 2.4.40 - Authenticated (Contributor+) Arbitrary File UploadEPSS 1.5%CVE-2023-6925HIGHUnlimited Addons for WPBakery Page Builder <= 1.0.42 - Authenticated (Editor+) Arbitrary File UploadEPSS 1.5%CVE-2014-125119HIGHWinRAR < 5.00 Filename Spoofing RCEEPSS 1.5%CVE-2022-24387CRITICALFile upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010EPSS 1.5%CVE-2022-0537—MapPress Maps for WordPress < 2.73.13 - Admin+ File Upload to Remote Code ExecutionEPSS 1.5%CVE-2023-30247CRITICALFile Upload vulnerability found in Oretnom23 Storage Unit Rental Management System v.1.0 allows a remote attacker to execute arbitrary code EPSS 1.5%CVE-2012-10030CRITICALFreeFloat FTP Server Arbitrary File UploadEPSS 1.5%CVE-2023-51590CRITICALVoltronic Power ViewPower Pro UpLoadAction Unrestricted File Upload Remote Code Execution VulnerabilityEPSS 1.5%CVE-2025-57642HIGHA Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP shell scripts on the seEPSS 1.5%CVE-2024-23630CRITICALMotorola MR2600 Arbitrary Firmware Upload VulnerabilityEPSS 1.5%