Fallos del tipo CWE-434
2805 resultadosCVE-2023-3504MEDIUMSmartWeb Infotech Job Board My Profile Page account unrestricted uploadEPSS 0.5%CVE-2025-0341MEDIUMCampCodes Computer Laboratory Management System edit unrestricted uploadEPSS 0.5%CVE-2024-46101CRITICALGDidees CMS <= v3.9.1 has a file upload vulnerability.EPSS 0.5%CVE-2024-30533HIGHWordPress Layouts for Elementor plugin < 1.8 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2020-36825MEDIUMcyberaz0r WebRAT api.php download_file unrestricted uploadEPSS 0.5%CVE-2025-10425MEDIUM1000projects Online Student Project Report Submission and Evaluation System student_controller.php unrestricted uploadEPSS 0.5%CVE-2025-9475MEDIUMSourceCodester Human Resource Information System editemployee_process.php unrestricted uploadEPSS 0.5%CVE-2025-9476MEDIUMSourceCodester Human Resource Information System editemployee_process.php unrestricted uploadEPSS 0.5%CVE-2025-65474HIGHAn arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arEPSS 0.5%CVE-2024-33836CRITICALIn the module "JA Marketplace" (jamarketplace) up to version 9.0.1 from JA Module for PrestaShop, a guest can upload files with extensions .EPSS 0.5%CVE-2025-11908MEDIUMShenzhen Ruiming Technology Streamax Crocus FileDir.do uploadFile unrestricted uploadEPSS 0.5%CVE-2025-12154HIGHAuto Thumbnailer <= 1.0 - Authenticated (Contributor+) Arbitrary File UploadEPSS 0.5%CVE-2025-9397MEDIUMgivanz Vvveb media.php unrestricted uploadEPSS 0.5%CVE-2025-22213HIGH[20250301] - Core - Malicious file uploads via Media ManagerEPSS 0.5%CVE-2025-4387HIGHAbandoned Cart Pro for WooCommerce <= 9.16.0 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.5%CVE-2025-1890MEDIUMshishuocms ManageUpLoadAction.java handleRequest unrestricted uploadEPSS 0.5%CVE-2026-2164MEDIUMdetronetdip E-commerce addadhar.php unrestricted uploadEPSS 0.5%CVE-2022-39301HIGHsra-admin is vulnerable to storage cross-site scripting (XSS) via unrestricted file uploadEPSS 0.5%CVE-2025-67164CRITICALAn authenticated arbitrary file upload vulnerability in the /storage/poc.php component of Pagekit CMS v1.0.18 allows attackers to execute arEPSS 0.4%CVE-2025-3585MEDIUMwestboy CicadasCMS JSP Parser upload unrestricted uploadEPSS 0.4%