Falhas do tipo CWE-434

2.800 resultados
CVE-2025-34046CRITICALFanwei E-Office Unauthenticated File UploadEPSS 0.8%CVE-2024-57408HIGHAn arbitrary file upload vulnerability in the component /comm/upload of cool-admin-java v1.0 allows attackers to execute arbitrary code via EPSS 0.8%CVE-2022-2804MEDIUMSourceCodester Zoo Management System apply_vacancy.php unrestricted uploadEPSS 0.8%CVE-2024-3412CRITICALWP STAGING WordPress Backup Plugin – Migration Backup Restore <= 3.4.3 - Authenticated (Admin+) Arbitrary File UploadEPSS 0.8%CVE-2020-37113HIGHGUnet OpenEclass 1.7.3 E-learning platform - File Upload Extension BypassEPSS 0.8%CVE-2024-0505MEDIUMZhongFuCheng3y Austin Upload Material Menu MaterialController.java getFile unrestricted uploadEPSS 0.8%CVE-2023-6723CRITICALUnrestricted Upload of File with Dangerous Type in RepoxEPSS 0.8%CVE-2022-2356MEDIUMUser Private Files < 1.1.3 - Subscriber+ Arbitrary File UploadEPSS 0.8%CVE-2023-5790MEDIUMSourceCodester File Manager App add-file.php unrestricted uploadEPSS 0.8%CVE-2024-4197CRITICALAvaya IP Office One-X Portal File Upload VulnerabilityEPSS 0.8%CVE-2023-30090CRITICALSemcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. This vulnerability alEPSS 0.8%CVE-2024-38530CRITICALOpen eClass Platform allows Arbitrary File Upload in "modules/h5p/save.php"EPSS 0.8%CVE-2023-3798MEDIUMChengdu Flash Flood Disaster Monitoring and Warning System upload.aspx unrestricted uploadEPSS 0.8%CVE-2023-3503MEDIUMSourceCodester Shopping Website insert-product.php unrestricted uploadEPSS 0.8%CVE-2025-25783CRITICALAn arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3 allows attackers to execute arbitrary code via EPSS 0.8%CVE-2022-50993CRITICALWeaver E-office < 10.0_20221201 Unauthenticated Arbitrary File Read via XmlRpcServletEPSS 0.8%CVE-2023-1561MEDIUMcode-projects Simple Online Hotel Reservation System add_room.php unrestricted uploadEPSS 0.8%CVE-2024-28423CRITICALAirflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafe_load function at cli.py. This vulneraEPSS 0.8%CVE-2020-37090HIGHSchool ERP Pro 1.0 - Remote Code ExecutionEPSS 0.8%CVE-2024-13908HIGHSMTP by BestWebSoft <= 1.1.9 - Authenticated (Administrator+) Arbitrary File UploadEPSS 0.8%