Falhas do tipo CWE-434

2.804 resultados
CVE-2024-10766MEDIUMCodezips Free Exam Hall Seating Management System save_user.php unrestricted uploadEPSS 0.5%CVE-2022-0912MEDIUMUnrestricted Upload of File with Dangerous Type in microweber/microweberEPSS 0.5%CVE-2024-52476CRITICALWordPress Fediverse Embeds plugin <= 1.5.3 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2023-45724HIGHUnauthenticated File Upload affects DRYiCE MyXalyticsEPSS 0.5%CVE-2024-33006CRITICALFile upload vulnerability in SAP NetWeaver Application Server ABAP and ABAP PlatformEPSS 0.5%CVE-2024-51790CRITICALWordPress HB AUDIO GALLERY plugin <= 3.0 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-60947HIGHCensus CSWeb arbitrary file uploadEPSS 0.5%CVE-2025-10001HIGHImport any XML, CSV or Excel File to WordPress <= 3.9.3 - Authenticated (Admin+) Limited Unsafe File UploadEPSS 0.5%CVE-2025-10049HIGHResponsive Filterable Portfolio <= 1.0.24 - Authenticated (Admin+) Arbitrary File UploadEPSS 0.5%CVE-2024-22152HIGHWordPress Product Import Export for WooCommerce Plugin <= 2.3.7 is vulnerable to Arbitrary File UploadEPSS 0.5%CVE-2024-22135HIGHWordPress Order Export & Order Import for WooCommerce Plugin <= 2.4.3 is vulnerable to Arbitrary File UploadEPSS 0.5%CVE-2025-6423HIGHBeeTeam368 Extensions <= 2.3.5 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.5%CVE-2025-67968CRITICALWordPress Real Homes CRM plugin <= 1.0.0 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-48646HIGHAn Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized users to upload files without proper validatioEPSS 0.5%CVE-2024-31453MEDIUMPsiTransfer vulnerable to violation of the integrity of file distributionEPSS 0.5%CVE-2024-58313HIGHxbtitFM 4.1.18 Insecure File Upload in file_hosting FeatureEPSS 0.5%CVE-2024-31454MEDIUMPsiTransfer file integrity violation vulnerabilityEPSS 0.5%CVE-2024-6117CRITICALHamastar MeetingHub Paperless Meetings - Unrestricted Upload of File with Dangerous TypeEPSS 0.5%CVE-2026-27891HIGHRemote Code Execution (RCE) via Zip Slip in Plugin Upload MechanismEPSS 0.5%CVE-2025-5012HIGHWorkreap <= 3.3.2 - Authenticated (Subscriber+) Arbitrary File Upload via 'workreap_temp_upload_to_media'EPSS 0.5%