Fallos del tipo CWE-434

2806 resultados
CVE-2025-3410MEDIUMmymagicpower AIAS LocalStorageController.java unrestricted uploadEPSS 0.4%CVE-2026-44088HIGHRemote Code Execution in SzafirHostEPSS 0.4%CVE-2025-26325CRITICALShopXO 6.4.0 is vulnerable to File Upload in ThemeDataService.php.EPSS 0.4%CVE-2025-0460MEDIUMBlog Botz for Journal Theme blog_add unrestricted uploadEPSS 0.4%CVE-2018-25162HIGH2-Plan Team 1.0.4 Arbitrary File Upload via managefile.phpEPSS 0.4%CVE-2025-9942MEDIUMCodeAstro Real Estate Management System submitproperty.php unrestricted uploadEPSS 0.4%CVE-2025-9941MEDIUMCodeAstro Real Estate Management System register.php unrestricted uploadEPSS 0.4%CVE-2025-1646MEDIUMLumsoft ERP ASPX File UploadAjaxAPI.ashx unrestricted uploadEPSS 0.4%CVE-2025-47549CRITICALWordPress BEAF plugin <= 4.6.10 - Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2025-32291CRITICALWordPress SUMO Affiliates Pro plugin < 11.1.0 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2025-3558MEDIUMghostxbh uzy-ssm-mall uploadUserHeadImage unrestricted uploadEPSS 0.4%CVE-2024-5050MEDIUMWangshen SecGate 3600 ?g=log_import_save unrestricted uploadEPSS 0.4%CVE-2025-48782CRITICALSoar Cloud HRD Human Resource Management System - Unrestricted Upload of File with Dangerous TypeEPSS 0.4%CVE-2026-50873CRITICALAn arbitrary file upload vulnerability in the attachment handling component of flatnotes v5.5.4 allows attackers to execute arbitrary code vEPSS 0.4%CVE-2024-28418MEDIUMWebedition CMS 9.2.2.0 has a File upload vulnerability via /webEdition/we_cmd.phpEPSS 0.4%CVE-2025-6873MEDIUMSourceCodester Simple Company Website Users.php unrestricted uploadEPSS 0.4%CVE-2025-6872MEDIUMSourceCodester Simple Company Website SystemSettings.php unrestricted uploadEPSS 0.4%CVE-2025-1070HIGHCWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device inoperable when a malicious file EPSS 0.4%CVE-2025-55746CRITICALDirectus allows unauthenticated file upload and file modification due to lacking input sanitizationEPSS 0.4%CVE-2025-3765MEDIUMSourceCodester Web-based Pharmacy Product Management System edit-photo.php unrestricted uploadEPSS 0.4%