CWE-434 vulnerabilities

2,795 results
CVE-2023-33569 [HIGH] Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via ip/eval/ajax.php?action=update_user. [EPSS 1.1%]
CVE-2023-24269 [HIGH] An arbitrary file upload vulnerability in the plugin upload function of Textpattern v4.8.8 allows attackers to execute arbitrary code via a [EPSS 1.1%]
CVE-2020-19028 [HIGH] *File Upload vulnerability found in Emlog EmlogCMS v.6.0.0 allows a remote attacker to gain access to sensitive information via the /admin/p [EPSS 1.1%]
CVE-2024-6313 [CRITICAL] Gutenberg Forms <= 2.2.9 - Unauthenticated Arbitrary File Upload [EPSS 1.1%]
CVE-2022-45896 [CRITICAL] Planet eStream before 6.72.10.07 allows unauthenticated upload of arbitrary files: Choose a Video / Related Media or Upload Document. Upload [EPSS 1.1%]
CVE-2022-44036 [HIGH] In b2evolution 7.2.5, if configured with admins_can_manipulate_sensitive_files, arbitrary file upload is allowed for admins, leading to comm [EPSS 1.1%]
CVE-2023-51034 [HIGH] TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface. [EPSS 1.1%]
CVE-2024-31411 [MEDIUM] Apache StreamPipes: Potential remote code execution (RCE) via file upload [EPSS 1.1%]
CVE-2023-25921 [HIGH] IBM Security Guardium Key Lifecycle Manager file upload [EPSS 1.1%]
CVE-2023-23328 [HIGH] A File Upload vulnerability exists in AvantFAX 3.3.7. An authenticated user can bypass PHP file type validation in FileUpload.php by uploadi [EPSS 1.1%]
CVE-2021-43934 [CRITICAL] Elcomplus SmartPtt Unrestricted Upload of File with Dangerous Type [EPSS 1.1%]
CVE-2024-39397 [CRITICAL] Adobe Commerce | Unrestricted Upload of File with Dangerous Type (CWE-434) [EPSS 1.1%]
CVE-2023-29657 [HIGH] eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbi [EPSS 1.1%]
CVE-2024-10410 [MEDIUM] SourceCodester Online Hotel Reservation System controller.php upload unrestricted upload [EPSS 1.1%]
CVE-2023-24720 [CRITICAL] An arbitrary file upload vulnerability in readium-js v0.32.0 allows attackers to execute arbitrary code via uploading a crafted EPUB file. [EPSS 1.1%]
CVE-2020-36897 [CRITICAL] QiHang Media Web Digital Signage 3.0.9 Unauthenticated Remote Code Execution [EPSS 1.1%]
CVE-2022-43231 [HIGH] Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/manage_website.php. This vul [EPSS 1.1%]
CVE-2022-24749 [MEDIUM] Basic Cross-site Scripting and Unrestricted Upload of File with Dangerous Type in Sylius [EPSS 1.1%]
CVE-2023-25655 [CRITICAL] baserCMS allows any file to be uploaded [EPSS 1.1%]
CVE-2024-4820 [MEDIUM] SourceCodester Online Computer and Laptop Store unrestricted upload [EPSS 1.1%]