Fallos del tipo CWE-434
2813 resultadosCVE-2025-63748HIGHQaTraq 6.9.2 allows authenticated users to upload arbitrary files via the "Add Attachment" feature in the "Test Script" module. The applicatEPSS 0.4%CVE-2025-11103MEDIUMProjectworlds Online Tours and Travels change-image.php unrestricted uploadEPSS 0.4%CVE-2025-12331MEDIUMWillow CMS add unrestricted uploadEPSS 0.4%CVE-2025-47658CRITICALWordPress ELEX HelpDesk & Customer Ticketing System plugin <= 3.2.9 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2024-13133MEDIUMZeroWdd studentmanager StudentController. java editStudent unrestricted uploadEPSS 0.3%CVE-2025-8174MEDIUMcode-projects Voting System candidates_add.php unrestricted uploadEPSS 0.3%CVE-2025-67910CRITICALWordPress Contentstudio plugin <= 1.3.7 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-11436MEDIUMJhumanJ OpnForm answer unrestricted uploadEPSS 0.3%CVE-2024-46482HIGHAn arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to EPSS 0.3%CVE-2026-4191MEDIUMJawherKl node-api-postgres Profile Picture index.js path.extname unrestricted uploadEPSS 0.3%CVE-2025-49885CRITICALWordPress Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin <= 5.0.6 - Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2026-21625MEDIUMExtension - stackideas.com - Lack of mime type validation in EasyDiscuss component 1.0.0-5.0.15 for JoomlaEPSS 0.3%CVE-2026-40772CRITICALWordPress GeekyBot plugin <= 1.2.2 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-39402CRITICALWordPress WPAMS plugin <= 44.0 (17-08-2023) - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-47663CRITICALWordPress Hospital Management System plugin <= 47.0(20-11-2023) - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-46264CRITICALWordPress PowerPress Podcasting <= 11.12.5 - Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2025-32652CRITICALWordPress Solace Extra plugin <= 1.3.1 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2024-7705MEDIUMFujian mwcms Image Upload uploadeditor.html uploadeditor unrestricted uploadEPSS 0.3%CVE-2025-15360MEDIUMnewbee-mall-plus Product Information Edit UploadController.java upload unrestricted uploadEPSS 0.3%CVE-2026-2978MEDIUMFastApiAdmin Scheduled Task API controller.py upload_file_controller unrestricted uploadEPSS 0.3%