Weaknesses of type CWE-434
2,824 resultsCVE-2025-7412MEDIUMcode-projects Library System profile.php unrestricted uploadEPSS 0.3%CVE-2026-1791LOWArbitrary File Upload Vulnerability in Operation and Maintenance Security GatewayEPSS 0.3%CVE-2025-6667MEDIUMcode-projects Car Rental System add_cars.php unrestricted uploadEPSS 0.3%CVE-2026-46489HIGHSolidInvoice: Unrestricted file upload with no MIME validation allows stored XSS via malicious SVG logoEPSS 0.3%CVE-2026-0547MEDIUMPHPGurukul Online Course Registration Student Registration edit-student-profile.php unrestricted uploadEPSS 0.3%CVE-2026-40548MEDIUMUnrestricted Upload of File with Dangerous Type in SOPlanningEPSS 0.3%CVE-2025-9099MEDIUMAcrel Environmental Monitoring Cloud Platform UploadNewsImg unrestricted uploadEPSS 0.3%CVE-2024-45965MEDIUMContao before 5.5.6 allows XSS via an SVG document. This affects (in contao/core-bundle in Composer) 4.x before 4.13.54, 5.0.x through 5.3.xEPSS 0.3%CVE-2026-4220MEDIUMTechnologies Integrated Management Platform SetWebpagePic.jsp unrestricted uploadEPSS 0.3%CVE-2026-0577MEDIUMcode-projects Online Product Reservation System prod.php unrestricted uploadEPSS 0.3%CVE-2026-40262HIGHNote Mark has Stored XSS via Unrestricted Asset UploadEPSS 0.3%CVE-2025-8128MEDIUMzhousg letao product.js unrestricted uploadEPSS 0.3%CVE-2025-6848MEDIUMcode-projects Simple Forum forum1.php unrestricted uploadEPSS 0.3%CVE-2025-41347HIGHStored Cross-Site Scripting (XSS) in WinPlus by Informática del EsteEPSS 0.3%CVE-2026-3187MEDIUMfeiyuchuixue sz-boot-parent API Endpoint upload unrestricted uploadEPSS 0.3%CVE-2025-53251CRITICALWordPress Pin WP theme < 7.2 - Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2025-53213CRITICALWordPress ReachShip WooCommerce Multi-Carrier & Conditional Shipping <= 4.3.1 - Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2025-27714MEDIUMINFINITT Healthcare INFINITT PACS Unrestricted Upload of File with Dangerous TypeEPSS 0.3%CVE-2024-51991LOWOctober CMS Allows Unprotected SVG Rename in Media ManagerEPSS 0.3%CVE-2025-0645HIGHArbitrary File Upload in Narkom Communication Technologies' Pyxis SignageEPSS 0.3%