Falhas do tipo CWE-434
2.799 resultadosCVE-2023-6308MEDIUMXiamen Four-Faith Video Surveillance Management System Apache Struts unrestricted uploadEPSS 1.0%CVE-2022-1206HIGHAdRotate – Ad manager & AdSense Ads <= 5.13.2 - Authenticated (Admin+) Double Extension Arbitrary File UploadEPSS 1.0%CVE-2024-41577CRITICALAn arbitrary file upload vulnerability in the Ueditor component of productinfoquick v1.0 allows attackers to execute arbitrary code via uploEPSS 1.0%CVE-2024-40645HIGHFOG Authenticated File Upload RCEEPSS 1.0%CVE-2024-3242HIGHBrizy – Page Builder <= 2.4.44 - Authenticated (Contributor+) Arbitrary File UploadEPSS 1.0%CVE-2023-24202CRITICALRaffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php.EPSS 1.0%CVE-2023-0924HIGHZyrex Popup <= 1.0 - Admin+ Arbitrary File UploadEPSS 1.0%CVE-2023-48376CRITICALSmartStar Software CWS Web-Base - Arbitrary File UploadEPSS 1.0%CVE-2023-48371CRITICALITPison OMICARD EDM 's SMS - Arbitrary File UploadEPSS 1.0%CVE-2025-4800HIGHMasterStudy LMS Pro <= 4.7.0 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.0%CVE-2025-48471HIGHFreeScout Vulnerable to Arbitrary File UploadEPSS 1.0%CVE-2024-7384HIGHAcyMailing <= 9.7.2 - Authenticated (Subscriber+) Arbitrary File Upload via acym_extractArchive FunctionEPSS 1.0%CVE-2023-0714HIGHMetform Elementor Contact Form Builder <= 3.2.4 - Unauthenticated Double-Extension Arbitrary File UploadEPSS 1.0%CVE-2024-6123HIGHBit Form <= 2.13.3 - Authenticated (Administrator+) Arbitrary File UploadEPSS 1.0%CVE-2022-37346CRITICALEC-CUBE plugin 'Product Image Bulk Upload Plugin' 1.0.0 and 4.1.0 contains an insufficient verification vulnerability when uploading files. EPSS 1.0%CVE-2020-7864HIGHRaonwiz DEXT5 Editor File upload and Execution vulnerabilityEPSS 1.0%CVE-2023-29625HIGHEmployee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execuEPSS 1.0%CVE-2022-41538HIGHWedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /Wedding-Management-PHP/admin/photos_EPSS 1.0%CVE-2022-1345CRITICALStored XSS viva .svg file upload in causefx/organizrEPSS 1.0%CVE-2022-30529HIGHFile upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to upload arbitraryEPSS 1.0%