Falhas do tipo CWE-434
2.804 resultadosCVE-2023-43269CRITICALpigcms up to 7.0 was discovered to contain an arbitrary file upload vulnerability.EPSS 0.6%CVE-2024-9975MEDIUMSourceCodester Drag and Drop Image Upload upload.php unrestricted uploadEPSS 0.6%CVE-2024-52490CRITICALWordPress Pathomation plugin <= 2.5.1 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2023-40784CRITICALDedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.EPSS 0.6%CVE-2024-28425HIGHgreykite v1.0.0 was discovered to contain an arbitrary file upload vulnerability in the load_obj function at /templates/pickle_utils.py. ThiEPSS 0.6%CVE-2025-0471CRITICALUnrestricted Upload of File with Dangerous Type vulnerability in PMB platformEPSS 0.6%CVE-2024-51792CRITICALWordPress Audio Record plugin <= 1.0 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2026-35174CRITICALChyrp Lite has a Path Traversal to Remote Code ExecutionEPSS 0.6%CVE-2023-53950CRITICALInnovaStudio WYSIWYG Editor 5.4 Unrestricted File Upload via Filename ManipulationEPSS 0.6%CVE-2024-11122MEDIUM上海灵当信息科技有限公司 Lingdang CRM index.php unrestricted uploadEPSS 0.6%CVE-2024-51789CRITICALWordPress Image Classify plugin <= 1.0.0 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2025-0722MEDIUMneedyamin image_gallery Cover Image gallery.php unrestricted uploadEPSS 0.6%CVE-2023-51475CRITICALWordPress WP MLM Unilevel Plugin <= 4.0 is vulnerable to Arbitrary File UploadEPSS 0.6%CVE-2023-40051CRITICALProgress Application Server (PAS) for OpenEdge File Upload via Directory TraversalEPSS 0.6%CVE-2025-56265HIGHAn arbitrary file upload vulnerability in the Chat Trigger component of N8N v1.95.3, v1.100.1, and v1.101.1 allows attackers to execute arbiEPSS 0.6%CVE-2025-61506CRITICALAn issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /uplEPSS 0.6%CVE-2025-29394HIGHAn insecure permissions vulnerability in verydows v2.0 allows a remote attacker to execute arbitrary code by uploading a file type.EPSS 0.6%CVE-2024-56054CRITICALWordPress WPLMS plugin < 1.9.9.5.2 - Instructor+ Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2023-3800LOWEasyAdmin8 File Upload Module index.html unrestricted uploadEPSS 0.6%CVE-2022-46660HIGH
An unauthorized user could alter or write files with full control over the path and content of the file.
EPSS 0.6%