Weaknesses of type CWE-434

2,824 results
CVE-2024-42180LOWHCL MyXalytics is affected by a malicious file upload vulnerabilityEPSS 0.2%CVE-2025-62182MEDIUMPega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by a Unrestricted file upload vulnerability, where a privileged user could potentially upload a malicious file.EPSS 0.2%CVE-2025-52449HIGHUnrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Extensible Protocol Service moEPSS 0.2%CVE-2025-67707MEDIUMUnvalidated File Upload vulnerability in ArcGIS Server.EPSS 0.2%CVE-2025-70849MEDIUMArbitrary File Upload in podinfo thru 6.9.0 allows unauthenticated attackers to upload arbitrary files via crafted POST request to the /storEPSS 0.2%CVE-2026-45089HIGHDalfox: Unauthenticated Arbitrary File Create/Append via `output` Option in Dalfox Server ModeEPSS 0.2%CVE-2019-25626HIGHRiver Past Cam Do 3.7.6 Local Buffer Overflow in Activation CodeEPSS 0.2%CVE-2025-55135MEDIUMIn Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats oEPSS 0.2%CVE-2025-7487MEDIUMJoeyBling SpringBoot_MyBatisPlus upload SysFileController unrestricted uploadEPSS 0.2%CVE-2025-60731HIGHPerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme functionEPSS 0.2%CVE-2025-60735HIGHPerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin functionEPSS 0.2%CVE-2024-34683MEDIUMUnrestricted file upload in SAP Document Builder (HTTP service)EPSS 0.2%CVE-2026-24673MEDIUMOpen eClass Has File Upload Filter Bypass via ZIP Archive ExtractionEPSS 0.2%CVE-2025-10669MEDIUMAirsonic-Advanced Playlist Upload unrestricted uploadEPSS 0.2%CVE-2025-10755MEDIUMSelleo Mentingo Content-Type unrestricted uploadEPSS 0.2%CVE-2025-15199MEDIUMcode-projects College Notes Uploading System userprofile.php unrestricted uploadEPSS 0.2%CVE-2025-66074CRITICALWordPress WP Webhooks plugin <= 3.3.8 - Arbitrary File Upload vulnerabilityEPSS 0.2%CVE-2025-35032MEDIUMMedical Informatics Engineering Enterprise Health arbitrary file uploadEPSS 0.2%CVE-2025-12344MEDIUMYonyou U8 Cloud Request Header NCloudGatewayServlet unrestricted uploadEPSS 0.2%CVE-2026-2183MEDIUMGreat Developers Certificate Generation System csv.php unrestricted uploadEPSS 0.2%