Falhas do tipo CWE-434
2.795 resultadosCVE-2023-2245MEDIUMhansunCMS unrestricted uploadEPSS 1.3%CVE-2024-1205HIGHManagement App for WooCommerce – Order notifications, Order management, Lead management, Uptime Monitoring <= 1.2.2 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.3%CVE-2013-10044HIGHOpenEMR ≤ 4.1.1 SQL Injection Privilege Escalation and RCEEPSS 1.3%CVE-2024-29514HIGHFile Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute arbitrary code via uploading a crafted PHP fiEPSS 1.3%CVE-2024-1986HIGHElite Booster for WooCommerce <= 7.1.7 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.3%CVE-2026-4809CRITICALUnsafe Client MIME Type Handling Can Enable Arbitrary File Upload in plank/laravel-mediableEPSS 1.3%CVE-2024-53345HIGHAn authenticated arbitrary file upload vulnerability in Car Rental Management System v1.0 to v1.3 allows attackers to execute arbitrary codeEPSS 1.3%CVE-2022-23155HIGHDell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileEPSS 1.3%CVE-2023-6636HIGHGreenshift – animation and page builder blocks <= 7.6.2 - Authenticated (Administrator+) Arbitrary File UploadEPSS 1.3%CVE-2023-6826HIGHE2Pdf <= 1.20.25 - Authenticated (Administrator+) Arbitrary File UploadEPSS 1.3%CVE-2022-48008CRITICALAn arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers to execute arbitrary code via a crafted EPSS 1.3%CVE-2025-7437CRITICALEbook Store <= 5.8012 - Unauthenticated Arbitrary File UploadEPSS 1.3%CVE-2023-6827HIGHEssential Real Estate <= 4.3.5 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.3%CVE-2022-2594—Advanced Custom Fields 5.0-5.12.2 - Unauthenticated File UploadEPSS 1.3%CVE-2020-21325HIGHAn issue in WUZHI CMS v.4.1.0 allows a remote attacker to execute arbitrary code via the set_chache method of the function\common.func.php fEPSS 1.3%CVE-2020-20067HIGHFile upload vulnerability in ebCMS v.1.1.0 allows a remote attacker to execute arbitrary code via the upload type parameter.EPSS 1.3%CVE-2020-36863HIGHNagios XI < 5.7.2 Unrestricted File Upload via Audio Import DirectoryEPSS 1.3%CVE-2009-20011CRITICALContentKeeper Web Appliance < 125.10 RCE via mimencodeEPSS 1.3%CVE-2022-1519CRITICALLRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can upload any file type, includingEPSS 1.3%CVE-2023-22726HIGHUnrestricted file upload leading to privilege escalation in actEPSS 1.3%