Fallos del tipo CWE-434

2809 resultados
CVE-2025-5171MEDIUMllisoft MTA Maita Training System OpenController.java this.fileService.download unrestricted uploadEPSS 0.4%CVE-2025-3969MEDIUMcodeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted uploadEPSS 0.4%CVE-2025-46490CRITICALWordPress Crossword Compiler Puzzles plugin <= 5.2 - Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2024-40695HIGHIBM Cognos Analytics file uploadEPSS 0.4%CVE-2025-3807MEDIUMzhenfeng13 My-BBS Endpoint UploadController.java upload unrestricted uploadEPSS 0.4%CVE-2024-56508HIGHFile Upload Vulnerability Leading to XSS in LinkAce v1.15.5EPSS 0.4%CVE-2025-2952MEDIUMBluestar Micro Mall api.php unrestricted uploadEPSS 0.4%CVE-2025-11660MEDIUMProjectsAndPrograms School Management System uploadSllyabus.php unrestricted uploadEPSS 0.4%CVE-2025-49060CRITICALWordPress Wastia theme < 1.1.3 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2025-11658MEDIUMProjectsAndPrograms School Management System changeSllyabus.php unrestricted uploadEPSS 0.4%CVE-2025-60235CRITICALWordPress Support Ticket System for WooCommerce plugin <= 2.0.7 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2025-60207CRITICALWordPress Custom User Registration Fields for WooCommerce plugin <= 2.1.2 - Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2025-53283CRITICALWordPress Drop Uploader for CF7 - Drag&Drop File Uploader Addon Plugin <= 2.4.1 - Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2024-51208HIGHFile Upload vulnerability in change-image.php in Anuj Kumar's Boat Booking System version 1.0 allows local attackers to upload a malicious PEPSS 0.4%CVE-2024-2125HIGHEnvíaloSimple: Email Marketing y Newsletters <= 2.3 - Cross-Site Request Forgery to Arbitrary File UploadEPSS 0.4%CVE-2025-58996CRITICALWordPress Advanced Settings Plugin <= 3.1.1 - Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2025-22132HIGHWeGIA has a Cross-Site Scripting (XSS) in File Upload FieldEPSS 0.4%CVE-2024-7706MEDIUMFujian mwcms uploadfile.html uploadimage unrestricted uploadEPSS 0.4%CVE-2025-23968CRITICALWordPress AiBud WP plugin <= 1.9 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2025-3830MEDIUMkuangstudy KuangSimpleBBS QuestionController.java fileUpload unrestricted uploadEPSS 0.4%