Weaknesses of type CWE-434
2,824 resultsCVE-2025-6466MEDIUMageerle ruoyi-ai SseServiceImpl.java upload unrestricted uploadEPSS 0.3%CVE-2025-13185MEDIUMBdtask/CodeCanyon News365 profile unrestricted uploadEPSS 0.3%CVE-2024-50625HIGHAn issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload handling of a web application allows manipEPSS 0.3%CVE-2024-7987HIGHRockwell Automation ThinManager® ThinServer™ Information Disclosure and Remote Code Execution VulnerabilitiesEPSS 0.3%CVE-2025-9415MEDIUMGreenCMS index.php unrestricted uploadEPSS 0.3%CVE-2025-14199MEDIUMVerysync 微力同步 Web Administration text.txt unrestricted uploadEPSS 0.3%CVE-2025-64374CRITICALWordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2026-24815CRITICALA XStream Security Vulnerability in XML Deserialization in datavane/tisEPSS 0.3%CVE-2024-8918HIGHFile Manager Pro <= 8.3.9 - Unauthenticated Limited JavaScript File UploadEPSS 0.3%CVE-2025-15423MEDIUMEmpireSoft EmpireCMS connect.php CheckSaveTranFiletype unrestricted uploadEPSS 0.3%CVE-2025-61768MEDIUMKuno CMS Vulnerable to Server-Side Request Forgery (SSRF) via Unsafe SVG UploadEPSS 0.3%CVE-2025-52078MEDIUMFile upload vulnerability in Writebot AI Content Generator SaaS React Template thru 4.0.0, allowing remote attackers to gain escalated priviEPSS 0.3%CVE-2025-10480MEDIUMSourceCodester Online Student File Management System save_file.php unrestricted uploadEPSS 0.3%CVE-2024-47423HIGHAdobe Framemaker | Unrestricted Upload of File with Dangerous Type (CWE-434)EPSS 0.3%CVE-2023-5524HIGHM-Files Web Companion allows Remote Code Execution for some filetypesEPSS 0.3%CVE-2026-1791LOWArbitrary File Upload Vulnerability in Operation and Maintenance Security GatewayEPSS 0.3%CVE-2024-49676MEDIUMWordPress Custom Icons for Elementor plugin <= 0.3.3 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-6667MEDIUMcode-projects Car Rental System add_cars.php unrestricted uploadEPSS 0.3%CVE-2025-7412MEDIUMcode-projects Library System profile.php unrestricted uploadEPSS 0.3%CVE-2024-53811MEDIUMWordPress WDesignKit plugin <= 1.0.40 - Arbitrary File Upload vulnerabilityEPSS 0.3%