Falhas do tipo CWE-434
2.800 resultadosCVE-2024-42778HIGHAn Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_playlist" in Kashipara Music Management System v1.0. ThiEPSS 0.8%CVE-2024-42779HIGHAn Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_music" in Kashipara Music Management System v1.0. This aEPSS 0.8%CVE-2024-12233MEDIUMcode-projects Online Notice Board Profile Picture registration.php unrestricted uploadEPSS 0.8%CVE-2024-48782CRITICALFile Upload vulnerability in DYCMS Open-Source Version v2.0.9.41 allows a remote attacker to execute arbitrary code via the application onlyEPSS 0.8%CVE-2023-5919MEDIUMSourceCodester Company Website CMS Create Blog Page createblog unrestricted uploadEPSS 0.8%CVE-2024-5853CRITICALImage Optimizer, Resizer and CDN – Sirv <= 7.2.6 - Authenticated (Contributor+) Arbitrary File UploadEPSS 0.8%CVE-2022-33166HIGHIBM Security Directory Suite VA file uploadEPSS 0.8%CVE-2024-4927MEDIUMSourceCodester Simple Online Bidding System unrestricted uploadEPSS 0.8%CVE-2024-6431HIGHMedia.net Ads Manager <= 2.10.13 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.8%CVE-2024-6756HIGHSocial Auto Poster <= 5.3.14 - Authenticated (Contributor+) Arbitrary File UploadEPSS 0.8%CVE-2022-45548HIGHAyaCMS v3.1.2 has an Arbitrary File Upload vulnerability.EPSS 0.8%CVE-2024-6161HIGHDefault Thumbnail Plus <= 1.0.2.3 - Authenticated (Contributor+) Arbitrary File UploadEPSS 0.8%CVE-2022-50936HIGHWBCE CMS 1.5.2 - Remote Code Execution (RCE) (Authenticated)EPSS 0.8%CVE-2023-23970CRITICALWordPress Corsa Theme <= 1.5 is vulnerable to Arbitrary File UploadEPSS 0.8%CVE-2024-8242MEDIUMMStore API – Create Native Android & iOS Apps On The Cloud <= 4.15.3 - Authenticated (Subscriber+) Limited Arbitrary File UploadEPSS 0.8%CVE-2024-25274CRITICALAn arbitrary file upload vulnerability in the component /sysFile/upload of Novel-Plus v4.3.0-RC1 allows attackers to execute arbitrary code EPSS 0.8%CVE-2023-53892HIGHBlackcat CMS 1.4 Remote Code Execution via Jquery Plugin ManagerEPSS 0.8%CVE-2024-33120CRITICALRoothub v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath parameter in the upload() function. This vuEPSS 0.8%CVE-2026-29186HIGH@backstage/plugin-techdocs-node: TechDocs Mkdocs Configuration Key Enables Arbitrary Code ExecutionEPSS 0.8%CVE-2022-2804MEDIUMSourceCodester Zoo Management System apply_vacancy.php unrestricted uploadEPSS 0.8%