Fallos del tipo CWE-434
2815 resultadosCVE-2025-15262MEDIUMBiggiDroid Simple PHP CMS Site Logo edit.php unrestricted uploadEPSS 0.3%CVE-2024-25801MEDIUMSKINsoft S-Museum 7.02.3 allows XSS via the filename of an uploaded file. Unlike in CVE-2024-25802, the attack payload is in the name (not tEPSS 0.3%CVE-2025-62618HIGHELOG file upload stored XSSEPSS 0.3%CVE-2026-5576MEDIUMSourceCodester/jkev Record Management System Add Employee save_emp.php unrestricted uploadEPSS 0.3%CVE-2026-39527MEDIUMWordPress WpStream plugin < 4.11.2 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2024-36987MEDIUMInsecure File Upload in the indexing/preview REST endpointEPSS 0.3%CVE-2025-15050MEDIUMcode-projects Student File Management System save_file.php unrestricted uploadEPSS 0.3%CVE-2025-24505HIGHThis vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploadiEPSS 0.3%CVE-2024-50620HIGHUnrestricted Upload of File with Dangerous Type vulnerabilities exist in the rich text editor and document manage components in CIPPlanner CEPSS 0.3%CVE-2019-25229HIGHKentico Xperience <= 12.0.29 MVC Forms Unrestricted File UploadEPSS 0.3%CVE-2025-2155HIGHArbitrary File Upload in EchoCCS's Specto CMEPSS 0.3%CVE-2026-11474MEDIUMKushan2k student-management-system Registration Endpoint RegisterService.php unrestricted uploadEPSS 0.3%CVE-2025-36519MEDIUMUnrestricted upload of file with dangerous type issue exists in WRC-2533GST2, WRC-1167GST2, WRC-2533GST2, WRC-2533GS2V-B,WRC-2533GS2-B v1.69EPSS 0.3%CVE-2024-10584MEDIUMDirectoryPress <= 3.6.16 - Authenticated (Author+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-43750MEDIUMLiferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.EPSS 0.3%CVE-2025-10544HIGHUnrestricted uploading of dangerous file types to AvePoint productsEPSS 0.3%CVE-2025-55061HIGHPriority - CWE-434 Unrestricted Upload of File with Dangerous TypeEPSS 0.3%CVE-2025-14219MEDIUMCampcodes Retro Basketball Shoes Online Store admin_running.php unrestricted uploadEPSS 0.3%CVE-2025-9800MEDIUMSimStudioAI sim HTML File route.ts import unrestricted uploadEPSS 0.3%CVE-2025-15109MEDIUMjackq XCMS upload.php unrestricted uploadEPSS 0.3%