Fallos del tipo CWE-434
2805 resultadosCVE-2026-13553MEDIUMitsourcecode Online Hotel Management System controller.php add unrestricted uploadEPSS 0.5%CVE-2026-40040HIGHPachno 1.0.6 Unrestricted File Upload Remote Code ExecutionEPSS 0.5%CVE-2025-54442CRITICALUnrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affEPSS 0.5%CVE-2024-57761HIGHAn arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01 allows attackers to execute arbitrary code viaEPSS 0.5%CVE-2026-39292HIGHFalco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows EPSS 0.5%CVE-2025-1166MEDIUMSourceCodester Food Menu Manager update.php unrestricted uploadEPSS 0.5%CVE-2025-32140CRITICALWordPress WP Remote Thumbnail Plugin <= 1.3.2 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2026-41269HIGHFlowise: File Upload Validation Bypass in createAttachmentEPSS 0.5%CVE-2024-3444MEDIUMWangshen SecGate 3600 ?g=net_pro_keyword_import_save unrestricted uploadEPSS 0.5%CVE-2024-6647MEDIUMCroogo Setting Theme unrestricted uploadEPSS 0.5%CVE-2024-3804MEDIUMVesystem Cloud Desktop fileupload2.php unrestricted uploadEPSS 0.5%CVE-2024-20296MEDIUMA vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker EPSS 0.5%CVE-2020-37073HIGHVictor CMS 1.0 - Authenticated Arbitrary File UploadEPSS 0.5%CVE-2026-21628CRITICALExtension - astroidframe.work - Unauthenticated Remote Code Execution in Astroid Framework 2.0.0 - 3.3.10 for JoomlaEPSS 0.5%CVE-2024-3803MEDIUMVesystem Cloud Desktop fileupload.php unrestricted uploadEPSS 0.5%CVE-2024-52488CRITICALWordPress Grip theme <= 1.0.9 - Arbitrary Plugin Activation/Deactivation to RCE vulnerabilityEPSS 0.5%CVE-2025-22389HIGHAn issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS, where the applicEPSS 0.5%CVE-2025-8379MEDIUMCampcodes Online Hotel Reservation System edit_room.php unrestricted uploadEPSS 0.5%CVE-2026-27540CRITICALWordPress Woocommerce Wholesale Lead Capture plugin <= 2.0.3.1 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-11967HIGHMail Mint <= 1.18.10 - Authenticated (Admin+) Arbitrary File UploadEPSS 0.5%