Falhas do tipo CWE-434
2.804 resultadosCVE-2025-56218CRITICALAn arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file.EPSS 0.7%CVE-2024-47655HIGHUnrestricted File Upload VulnerabilityEPSS 0.7%CVE-2024-7904MEDIUMDedeBIZ File Extension file_manage_control.php unrestricted uploadEPSS 0.7%CVE-2026-6271CRITICALCareer Section <= 1.7 - Unauthenticated Arbitrary File UploadEPSS 0.7%CVE-2024-6280MEDIUMSourceCodester Simple Online Bidding System unrestricted uploadEPSS 0.7%CVE-2026-25056CRITICALn8n Arbitrary File Write leading to RCE in n8n Merge NodeEPSS 0.7%CVE-2022-2647HIGHjeecg-boot unrestricted uploadEPSS 0.7%CVE-2023-45197CRITICALAdminer and AdminerEvo vulnerable to directory traversal and file uploadEPSS 0.7%CVE-2025-54071CRITICALRomM's authenticated arbitrary file write vulnerability can lead to Remote Code ExecutionEPSS 0.7%CVE-2023-53956HIGHFlatnux 2021-03.25 Authenticated File Upload Remote Code ExecutionEPSS 0.7%CVE-2025-27683HIGHVasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Driver Unrestricted Upload of File wEPSS 0.7%CVE-2024-40545HIGHAn arbitrary file upload vulnerability in the component /admin/cmsWebFile/doUpload of PublicCMS v4.0.202302.e allows attackers to execute arEPSS 0.7%CVE-2023-40204CRITICALWordPress Folders Plugin <= 2.9.2 is vulnerable to Arbitrary File UploadEPSS 0.7%CVE-2025-56704HIGHLeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded filesEPSS 0.7%CVE-2018-25436CRITICALWordPress Plugin Baggage Freight Shipping Australia 0.1.0 Arbitrary File UploadEPSS 0.7%CVE-2024-7905MEDIUMDedeBIZ archives_do.php AdminUpload unrestricted uploadEPSS 0.7%CVE-2026-7537HIGHMDJM Event Management <= 1.7.8.3 - Authenticated (Administrator+) Arbitrary File Upload via 'mdjm_email_upload_file' ParameterEPSS 0.7%CVE-2026-9227HIGHGutenBee <= 2.20.1 - Authenticated (Author+) Arbitrary File Upload via wp_check_filetype_and_ext FilterEPSS 0.7%CVE-2023-27881HIGHPTC Vuforia Studio Unrestricted Upload of File with Dangerous TypeEPSS 0.7%CVE-2020-6288MEDIUMSAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface) allows an attacker with edit document rights to uploadEPSS 0.7%