CWE-434 flaws
2,804 results

CVE-2025-7917 (HIGH, EPSS 0.5%): Simopro Technology|WinMatrix3 Web package - Arbitrary File Upload
CVE-2024-45076 (CRITICAL, EPSS 0.5%): IBM webMethods Integration code execution
CVE-2024-9280 (MEDIUM, EPSS 0.5%): kalvinGit kvf-admin FileUploadKit.java fileUpload unrestricted upload
CVE-2025-61417 (HIGH, EPSS 0.5%): Cross-Site Scripting (XSS) vulnerability exists in TastyIgniter 3.7.7, affecting the /admin/media_manager component. Attackers can upload a
CVE-2024-8940 (CRITICAL, EPSS 0.5%): Unrestricted Upload of File with Dangerous Type vulnerability on Scriptcase
CVE-2024-56829 (CRITICAL, EPSS 0.5%): Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the
CVE-2025-4413 (HIGH, EPSS 0.5%): Pixabay Images <= 3.4 - Authenticated (Author+) Arbitrary File Upload
CVE-2026-1565 (HIGH, EPSS 0.5%): User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.2.8 - Authenticated (Author+) Arbitrary File Upload
CVE-2022-2872 (LOW, EPSS 0.5%): Unrestricted Upload of File with Dangerous Type in octoprint/octoprint
CVE-2024-53619 (MEDIUM, EPSS 0.5%): An authenticated arbitrary file upload vulnerability in the Documents module of SPIP v4.3.3 allows attackers to execute arbitrary code via u
CVE-2025-29009 (CRITICAL, EPSS 0.5%): WordPress Medical Prescription Attachment Plugin for WooCommerce <= 1.2.3 - Arbitrary File Upload Vulnerability
CVE-2023-32225 (CRITICAL, EPSS 0.5%): Sysaid - CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2024-47259 (LOW, EPSS 0.5%): Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi did not have a sufficient input val
CVE-2023-0257 (MEDIUM, EPSS 0.5%): SourceCodester Online Food Ordering System Menu Form unrestricted upload
CVE-2024-31377 (CRITICAL, EPSS 0.5%): WordPress WP Photo Album Plus plugin <= 8.7.01.001 - Unauth. Arbitrary File Upload vulnerability
CVE-2025-13689 (HIGH, EPSS 0.5%): DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment
CVE-2026-0911 (HIGH, EPSS 0.5%): Hustle <= 7.8.9.2 - Authenticated (Subscriber+) Arbitrary File Upload via Module Import
CVE-2023-4097 (HIGH, EPSS 0.5%): Multiple vulnerabilities in IDM Sistemas QSige
CVE-2020-37227 (HIGH, EPSS 0.5%): WordPress Plugin HS Brand Logo Slider 2.1 Unrestricted File Upload
CVE-2024-7277 (MEDIUM, EPSS 0.5%): itsourcecode Alton Management System Add a Menu menu.php unrestricted upload