Fallos del tipo CWE-434

2815 resultados
CVE-2026-4536MEDIUMAcrel Environmental Monitoring Cloud Platform unrestricted uploadEPSS 0.3%CVE-2026-6596MEDIUMlangflow-ai langflow API Endpoint endpoints.py create_upload_file unrestricted uploadEPSS 0.3%CVE-2026-4221MEDIUMTiandy Easy7 Integrated Management Platform Endpoint uploadLedImage unrestricted uploadEPSS 0.3%CVE-2026-37430HIGHAn arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execuEPSS 0.3%CVE-2025-15109MEDIUMjackq XCMS upload.php unrestricted uploadEPSS 0.3%CVE-2025-13238MEDIUMBdtask Flight Booking Software Edit Profile edit unrestricted uploadEPSS 0.3%CVE-2026-2213MEDIUMcode-projects Online Music Site AdminAddAlbum.php unrestricted uploadEPSS 0.3%CVE-2023-50897CRITICALWordPress Media File Renamer plugin <= 5.7.7 - Arbitrary File Rename lead to RCE vulnerabilityEPSS 0.3%CVE-2021-47783MEDIUMPhpwcms 1.9.30 - Arbitrary File UploadEPSS 0.3%CVE-2026-45444CRITICALWordPress Gift Cards For WooCommerce Pro plugin <= 4.2.6 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2024-50652MEDIUMA file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function.EPSS 0.3%CVE-2025-11020HIGHRemote Code Execution in MarkAny SafePC EnterpriseEPSS 0.3%CVE-2025-49222MEDIUMMattermost Shared Channel Upload Type Validation BypassEPSS 0.3%CVE-2026-53724LOWParse Server: Stored XSS via trailing-dot filename bypassing file upload extension blocklistEPSS 0.3%CVE-2018-25171HIGHEdTv 2 SQL Injection via id ParameterEPSS 0.3%CVE-2025-45855MEDIUMAn arbitrary file upload vulnerability in the component /upload/GoodsCategory/image of erupt v1.12.19 allows attackers to execute arbitrary EPSS 0.3%CVE-2026-6561MEDIUMEyouCMS Index.php edit_adminlogo unrestricted uploadEPSS 0.3%CVE-2025-65027HIGHRomM Chained XSS and CSRF Vulnerabilities Enable Admin Account TakeoverEPSS 0.3%CVE-2026-4201MEDIUMglowxq glowxq-oj SysFileController.java upload unrestricted uploadEPSS 0.3%CVE-2024-39752MEDIUMIBM Analytics Content Hub file uploadEPSS 0.3%