Weaknesses of type CWE-434

2,824 results
CVE-2025-13949MEDIUMProudMuBai GoFilm FileController.go SingleUpload unrestricted uploadEPSS 0.2%CVE-2026-10806MEDIUMmjperpinosa stumasy add_post.php unrestricted uploadEPSS 0.2%CVE-2026-6835MEDIUMaEnrich|a+HCM - Arbitrary File UploadEPSS 0.2%CVE-2025-14632MEDIUMFilr – Secure document library <= 1.2.11 - Authenticated (Administrator+) Stored Cross-Site Scripting via HTML UploadEPSS 0.2%CVE-2026-10172MEDIUMBdtask Multi-Store Inventory Management System Component Module.php upload unrestricted uploadEPSS 0.2%CVE-2025-15415MEDIUMxnx3 wangmarket XML File uploadImage.do uploadImage unrestricted uploadEPSS 0.2%CVE-2026-7732MEDIUMcode-projects BloodBank Managing System request_blood.php unrestricted uploadEPSS 0.2%CVE-2025-55810MEDIUMA vulnerability was found in Alaga Home Security WiFi Camera 3K (model S-CW2503C-H) with hardware version V03 and firmware version 1.4.2, whEPSS 0.2%CVE-2025-9795MEDIUMxujeff tianti 天梯 UploadController.java ajaxUploadFile unrestricted uploadEPSS 0.2%CVE-2025-60187MEDIUMWordPress Atarim plugin <= 4.2.1 - Arbitrary File Upload vulnerabilityEPSS 0.2%CVE-2026-5181MEDIUMSourceCodester Simple Doctors Appointment System ajax.php unrestricted uploadEPSS 0.2%CVE-2026-5670MEDIUMCyber-III Student-Management-System upload.php move_uploaded_file unrestricted uploadEPSS 0.2%CVE-2024-9544MEDIUMMapSVG - All Kinds of Maps and Store Locator for WordPress <= 8.6.4 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-15152MEDIUMh-moses moga-mall PmsProductController.java addProduct unrestricted uploadEPSS 0.2%CVE-2026-23704MEDIUMA non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be exEPSS 0.2%CVE-2023-53876MEDIUMAcademy LMS 6.1 Arbitrary File Upload Vulnerability via Profile SettingsEPSS 0.2%CVE-2026-4505MEDIUMeosphoros-ai DB-GPT FastAPI Endpoint controller.py module_plugin.refresh_plugins unrestricted uploadEPSS 0.2%CVE-2026-5472MEDIUMProjectsAndPrograms School Management System Profile Picture settings.php unrestricted uploadEPSS 0.2%CVE-2026-7043MEDIUMGreenCMS index.php pluginAddLocal unrestricted uploadEPSS 0.2%CVE-2026-10205MEDIUMMetasoft 美特软件 MetaCRM upload.jsp unrestricted uploadEPSS 0.2%