Fallos del tipo CWE-434

2813 resultados
CVE-2025-14390HIGHVideo Merchant <= 5.0.4 - Cross-Site Request Forgery to Arbitrary File UploadEPSS 0.4%CVE-2026-6602MEDIUMrickxy Hospital Management System his_admin_account.php unrestricted uploadEPSS 0.4%CVE-2018-25158HIGHChamilo LMS 1.11.8 Arbitrary File Upload via elfinderEPSS 0.4%CVE-2026-38991HIGHCockpit 2.13.5 and earlier is affected by a misconfiguration within the Bucket component _isFileTypeAllowed function where a specially craftEPSS 0.4%CVE-2025-58048CRITICALPaymenter Vulnerable to Remote Code Execution via Public File UploadsEPSS 0.4%CVE-2025-31916CRITICALWordPress JP Students Result Management System Premium plugin 1.1.7 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2024-40693HIGHIBM Planning Analytics file uploadEPSS 0.4%CVE-2025-56263HIGHby-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api/sms/upload/headImg endpoint allows uploading arbitrary files. Users cEPSS 0.4%CVE-2026-57700CRITICALWordPress OMGF Pro plugin <= 5.2.6 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2024-41731LOWMultiple Unrestricted File Upload vulnerabilities in SAP BusinessObjects Business Intelligence PlatformEPSS 0.4%CVE-2025-9296MEDIUMEmlog Pro blogger.php unrestricted uploadEPSS 0.4%CVE-2025-7880MEDIUMMetasoft 美特软件 MetaCRM sendsms.jsp unrestricted uploadEPSS 0.4%CVE-2026-38751HIGHOpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality (modules/aggiornaEPSS 0.4%CVE-2025-47687CRITICALWordPress StoreKeeper for WooCommerce plugin <= 14.4.4 - Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2025-6435HIGHSave as in Devtools could download files without sanitizing the extensionEPSS 0.4%CVE-2025-7895MEDIUMharry0703 MoneyPrinterTurbo File Extension video.py upload_bgm_file unrestricted uploadEPSS 0.4%CVE-2025-29405MEDIUMAn arbitrary file upload vulnerability in the component /admin/template.php of emlog pro 2.5.0 and pro 2.5.* allows attackers to execute arbEPSS 0.4%CVE-2025-5728MEDIUMSourceCodester Open Source Clinic Management System manage_website.php unrestricted uploadEPSS 0.4%CVE-2022-39019MEDIUMBroken access controls on PDFtron WebviewerUI in M-Files HubshareEPSS 0.4%CVE-2025-4926MEDIUMPHPGurukul Car Rental Project post-avehical.php unrestricted uploadEPSS 0.4%