Falhas do tipo CWE-616
9 resultadosCVE-2023-38947HIGHAn arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary codeEPSS 0.5%CVE-2025-67084CRITICALFile upload vulnerability in InvoicePlane through 1.6.3 allows authenticated attackers to upload arbitrary PHP files into attachments, whichEPSS 0.4%CVE-2024-29858CRITICALIn MISP before 2.4.187, __uploadLogo in app/Controller/OrganisationsController.php does not properly check for a valid logo upload.EPSS 0.4%CVE-2024-31601CRITICALAn issue in Beijing Panabit Network Software Co., Ltd Panalog big data analysis platform v. 20240323 and before allows attackers to execute EPSS 0.4%CVE-2026-22789MEDIUMWebErpMesv2 has a File Upload Validation Bypass Leading to RCEEPSS 0.2%CVE-2025-59402MEDIUMFlock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 accepts the default Thundercomm TurboX 6490 Firehose loader in EDL/QDL EPSS 0.2%CVE-2025-52130MEDIUMFile upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticateEPSS 0.2%CVE-2024-52305MEDIUMUnoPim Stored XSS : Cookie hijacking through Create User functionEPSS 0.2%CVE-2024-28520MEDIUMFile Upload vulnerability in Byzoro Networks Smart multi-service security gateway intelligent management platform version S210, allows an atEPSS 0.2%