Falhas do tipo CWE-434
2.804 resultadosCVE-2023-6794MEDIUMPAN-OS: File Upload Vulnerability in the Web InterfaceEPSS 0.6%CVE-2024-46441HIGHAn arbitrary file upload vulnerability in YPay 1.2.0 allows attackers to execute arbitrary code via a ZIP archive to themePutFile in app/comEPSS 0.6%CVE-2024-58283HIGHWBCE CMS 1.6.2 Remote Code Execution via Elfinder File UploadEPSS 0.6%CVE-2023-20195MEDIUMTwo vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit tEPSS 0.6%CVE-2023-20196MEDIUMTwo vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit tEPSS 0.6%CVE-2025-4561HIGHKinfor KFOX - Arbitrary File UploadEPSS 0.6%CVE-2022-29451HIGHWordPress Rara One Click Demo Import plugin <= 1.2.9 - Cross-Site Request Forgery (CSRF) leads to Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2024-2268MEDIUMkeerti1924 Online-Book-Store-Website unrestricted uploadEPSS 0.6%CVE-2024-1532MEDIUMA vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor couEPSS 0.6%CVE-2026-1222HIGHBROWAN COMMUNICATIONS |PrismX MX100 AP controller - Arbitrary File UploadEPSS 0.6%CVE-2025-22137CRITICALArbitrary File Overwrite via HTTP POST in Pingvin ShareEPSS 0.6%CVE-2025-48106CRITICALWordPress Clanora theme < 1.3.1 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2024-2394MEDIUMSourceCodester Employee Management System add-admin.php unrestricted uploadEPSS 0.6%CVE-2025-68001CRITICALWordPress g-FFL Checkout plugin <= 2.1.0 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2025-12867HIGHHundred Plus|EIP Plus - Arbitrary File UplaodEPSS 0.6%CVE-2025-29411CRITICALAn arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute aEPSS 0.6%CVE-2026-9102CRITICALPath Traversal in Altium Enterprise Server ComparisonService Allows Arbitrary File WriteEPSS 0.6%CVE-2025-6161MEDIUMSourceCodester Simple Food Ordering System editproduct.php unrestricted uploadEPSS 0.6%CVE-2024-25802CRITICALSKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the filEPSS 0.6%CVE-2025-13069HIGHEnable SVG, WebP, and ICO Upload <= 1.1.3 - Authenticated (Author+) Arbitrary File Upload via ICO Upload BypassEPSS 0.6%