CWE-434 vulnerabilities

2,796 results
CVE-2024-3912 | CRITICAL | ASUS Router - Upload arbitrary firmware | EPSS 1.0%
CVE-2024-9660 | HIGH | School Management <= 91.5.0 - Authenticated (Student+) Arbitrary File Upload | EPSS 1.0%
CVE-2025-34097 | HIGH | ProcessMaker < 3.5.4 Authenticated Plugin Upload RCE | EPSS 1.0%
CVE-2024-6828 | HIGH | Redux Framework 4.4.12 - 4.4.17 - Unauthenticated JSON File Upload to Stored Cross-Site Scripting | EPSS 1.0%
CVE-2025-67886 | MEDIUM | Bitrix24 through 25.100.300 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload | EPSS 1.0%
CVE-2024-49607 | CRITICAL | WordPress WP Dropbox Dropins plugin <= 1.0 - Arbitrary File Upload vulnerability | EPSS 1.0%
CVE-2023-1415 | MEDIUM | Simple Art Gallery adminHome.php sliderPicSubmit unrestricted upload | EPSS 1.0%
CVE-2024-4397 | HIGH | LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Authenticated (Instructor+) Arbitrary File Upload | EPSS 1.0%
CVE-2022-47042 | HIGH | MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do. | EPSS 1.0%
CVE-2023-30613 | HIGH | Kiwi TCMS unrestricted file upload vulnerability | EPSS 1.0%
CVE-2023-5860 | HIGH | Icons Font Loader <= 1.1.2 - Authenticated (Administrator+) Arbitrary File Upload | EPSS 1.0%
CVE-2023-47621 | HIGH | Remote code execution via file uploads in guest-entries | EPSS 1.0%
CVE-2021-42123 | HIGH | Missing Upload Filter in TopEase | EPSS 1.0%
CVE-2024-4389 | HIGH | Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.1.1 - Authenticated (Contributor+) Arbitrary File Upload | EPSS 1.0%
CVE-2022-3478 | MEDIUM | An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.4.6, all versions starting from 15.5 before 15.5. | EPSS 1.0%
CVE-2024-8019 | CRITICAL | Arbitrary File Write/Overwrite in lightning-ai/pytorch-lightning | EPSS 1.0%
CVE-2023-0670 | HIGH | Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator permissions to obtain remote code execution on | EPSS 1.0%
CVE-2025-34329 | CRITICAL | AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated Backup Upload RCE via ajaxBackupUploadFile.php | EPSS 1.0%
CVE-2024-50427 | CRITICAL | WordPress SurveyJS plugin <= 1.9.136 - Arbitrary File Upload vulnerability | EPSS 1.0%
CVE-2023-1970 | MEDIUM | yuan1994 tpAdmin Upload.php Upload unrestricted upload | EPSS 1.0%