Weaknesses of type CWE-434

2,823 results
CVE-2025-20375MEDIUMCisco Unified Contact Center Express Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2025-12862MEDIUMprojectworlds Online Notes Sharing Platform userprofile.php unrestricted uploadEPSS 0.4%CVE-2025-7152MEDIUMCampcodes Advanced Online Voting System candidates_add.php unrestricted uploadEPSS 0.4%CVE-2025-68562CRITICALWordPress MapSVG plugin <= 8.7.3 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2025-7124MEDIUMcode-projects Online Note Sharing Profile Image userprofile.php unrestricted uploadEPSS 0.4%CVE-2025-63748HIGHQaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The applicatEPSS 0.4%CVE-2025-7210MEDIUMcode-projects/Fabian Ros Library Management System profile_update.php unrestricted uploadEPSS 0.4%CVE-2025-39380CRITICALWordPress Hospital Management System plugin <= 47.0(20-11-2023) - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2026-30761HIGHAn arbitrary file upload vulnerability in the pages/admin.uploadmapimg.php component of SourceBans Material Admin v1.1.6 allows attackers toEPSS 0.4%CVE-2025-1791MEDIUMZorlan SkyCaiji Tool.php fileAction unrestricted uploadEPSS 0.4%CVE-2025-31339MEDIUMWisdom Master Pro - Unrestricted Upload of File with Dangerous TypeEPSS 0.4%CVE-2026-27043HIGHWordPress Photography theme < 7.7.6 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2026-7852CRITICALUnrestricted File Upload in Limatek's LimRAD NACEPSS 0.4%CVE-2025-54473CRITICALExtension - phoca.cz - Authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for JoomlaEPSS 0.4%CVE-2025-12346MEDIUMMaxSite CMS HTTP Header uploads-require-maxsite.php unrestricted uploadEPSS 0.4%CVE-2024-8725MEDIUMAdvanced File Manager <= 5.2.8 - Authenticated (Subscriber+) Limited File UploadEPSS 0.4%CVE-2024-13355MEDIUMAdmin and Customer Messages After Order for WooCommerce <= 13.2 - Authenticated (Subscriber+) Limited File Upload to Cross-Site ScriptingEPSS 0.4%CVE-2026-1061MEDIUMxiweicheng TMS FileController.java upload unrestricted uploadEPSS 0.4%CVE-2024-42375MEDIUMMultiple Unrestricted File Upload vulnerabilities in SAP BusinessObjects Business Intelligence PlatformEPSS 0.4%CVE-2025-4291MEDIUMIdeaCMS saveUpload unrestricted uploadEPSS 0.4%