Weaknesses of type CWE-434
2,821 resultsCVE-2026-41937HIGHVvveb < 1.0.8.3 Unrestricted File Upload RCE via Plugin UploadEPSS 0.4%CVE-2026-34031MEDIUMApache Answer: The custom avatar was not properly validatedEPSS 0.4%CVE-2025-6266MEDIUMTeledyne FLIR AX8 upload.php unrestricted uploadEPSS 0.4%CVE-2025-32744MEDIUMDell AppSync, version(s) 4.6.0.0, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker withEPSS 0.4%CVE-2025-9153MEDIUMitsourcecode Online Tour and Travel Management System travellers.php unrestricted uploadEPSS 0.4%CVE-2025-7898MEDIUMCodecanyon iDentSoft Account Setting Page updateSetting unrestricted uploadEPSS 0.4%CVE-2026-56414HIGHH.VIEW HV-500S6 IP Camera Unrestricted Upload of File with Dangerous TypeEPSS 0.4%CVE-2025-2687MEDIUMPHPGurukul eLearning System Image index.php unrestricted uploadEPSS 0.4%CVE-2025-0399MEDIUMStarSea99 starsea-mall uploadController.java UploadController unrestricted uploadEPSS 0.4%CVE-2025-63678LOWAn authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attEPSS 0.4%CVE-2024-44599HIGHFNT Command 13.4.0 is vulnerable to Directory Traversal.EPSS 0.4%CVE-2024-57407HIGHAn arbitrary file upload vulnerability in the component /userPicture of Timo v2.0.3 allows attackers to execute arbitrary code via uploadingEPSS 0.4%CVE-2026-25201HIGHAn unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server.
This issue EPSS 0.4%CVE-2025-4923MEDIUMSourceCodester Client Database Management System user_delivery_update.php unrestricted uploadEPSS 0.4%CVE-2025-7755MEDIUMcode-projects Online Ordering System edit_product.php unrestricted uploadEPSS 0.4%CVE-2025-65875HIGHAn arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via upEPSS 0.4%CVE-2025-7181MEDIUMcode-projects Staff Audit System test.php unrestricted uploadEPSS 0.4%CVE-2025-8256MEDIUMcode-projects Online Ordering System product.php unrestricted uploadEPSS 0.4%CVE-2025-3566MEDIUMveal98 小牛肉 Echo 开源社区系统 uploadMdPic unrestricted uploadEPSS 0.4%CVE-2026-33717HIGHAVideo Vulnerable to Remote Code Execution via Persistent PHP Temp File in Encoder downloadURL with Resolution Validation AbortEPSS 0.4%