Falhas do tipo CWE-434
2.795 resultadosCVE-2021-36426HIGHFile Upload vulnerability in phpwcms 1.9.25 allows remote attackers to run arbitrary code via crafted file upload to include/inc_lib/generalEPSS 1.1%CVE-2025-2008HIGHImport Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.1%CVE-2020-23591CRITICALA vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an attacker to upload arbitrary fEPSS 1.1%CVE-2022-4506HIGHUnrestricted Upload of File with Dangerous Type in openemr/openemrEPSS 1.1%CVE-2022-44400CRITICALPurchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order/admin/?page=system_info.EPSS 1.1%CVE-2022-41537HIGHOnline Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /user_operaEPSS 1.1%CVE-2022-39978HIGHOnline Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List moEPSS 1.1%CVE-2022-39977HIGHOnline Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the User module. ThEPSS 1.1%CVE-2025-13374CRITICALKalrav AI Agent <= 2.3.3 - Unauthenticated Arbitrary File Upload via kalrav_upload_file AJAX ActionEPSS 1.1%CVE-2022-43083HIGHAn arbitrary file upload vulnerability in admin-add-vehicle.php of Vehicle Booking System v1.0 allows attackers to execute arbitrary code viEPSS 1.1%CVE-2022-43085HIGHAn arbitrary file upload vulnerability in add_product.php of Restaurant POS System v1.0 allows attackers to execute arbitrary code via a craEPSS 1.1%CVE-2025-4317HIGHTheGem <= 5.10.3 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.1%CVE-2025-6586HIGHDownload Plugin <= 2.2.8 - Authenticated (Administrator+) Arbitrary File UploadEPSS 1.1%CVE-2023-29635CRITICALFile upload vulnerability in Antabot White-Jotter v0.2.2, allows remote attackers to execute malicious code via the file parameter to functiEPSS 1.1%CVE-2022-3076HIGHCM Download Manager < 2.8.6 - Admin+ Arbitrary File UploadEPSS 1.1%CVE-2020-20735CRITICALFile Upload vulnerability in LJCMS v.4.3.R60321 allows a remote attacker to execute arbitrary code via the ljcms/index.php parameter.EPSS 1.1%CVE-2023-5965MEDIUMUnrestricted Upload of File with Dangerous Type in EspoCRMEPSS 1.0%CVE-2022-50907HIGHe107 CMS v3.2.1 - Admin Upload Restriction Bypass + RCEEPSS 1.0%CVE-2023-5966MEDIUMUnrestricted Upload of File with Dangerous Type in EspoCRMEPSS 1.0%CVE-2024-43249CRITICALWordPress Bit Form Pro plugin <= 2.6.4 - Authenticated Arbitrary File Upload vulnerabilityEPSS 1.0%