Fallos del tipo CWE-434
2816 resultadosCVE-2026-28114CRITICALWordPress WooCommerce License Manager plugin <= 7.0.6 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-54460HIGHAVEVA PI Integrator Unrestricted Upload of File with Dangerous TypeEPSS 0.3%CVE-2026-13547MEDIUMHanwang e-Face General Management Platform upload.do unrestricted uploadEPSS 0.3%CVE-2024-39752MEDIUMIBM Analytics Content Hub file uploadEPSS 0.3%CVE-2025-65027HIGHRomM Chained XSS and CSRF Vulnerabilities Enable Admin Account TakeoverEPSS 0.3%CVE-2025-4305MEDIUMkefaming mayi File.php upload unrestricted uploadEPSS 0.3%CVE-2025-4333MEDIUMfeng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java uploadFile unrestricted uploadEPSS 0.3%CVE-2025-12291MEDIUMashymuzuro Full-Ecommece-Website/Muzuro Ecommerce System Add Product index.php unrestricted uploadEPSS 0.3%CVE-2026-9053MEDIUMMothra would respect a default value given by a website for HTML file upload forms. An attacker could craft a website with a malicious defauEPSS 0.3%CVE-2026-41517NONEEmlog: Remote Code Execution via Malicious Plugin UploadEPSS 0.3%CVE-2026-27067CRITICALWordPress Mobile App Editor plugin <= 1.3.1 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-54693CRITICALWordPress Form Block Plugin <= 1.5.5 - Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2024-25020MEDIUMIBM Cognos Controller file uploadEPSS 0.3%CVE-2024-25019MEDIUMIBM Cognos Controller file uploadEPSS 0.3%CVE-2025-8841MEDIUMzlt2000 microservices-platform FileController.java upload unrestricted uploadEPSS 0.3%CVE-2025-0984HIGHArbitrary File Upload in Netoloji Software's E-FlowEPSS 0.3%CVE-2025-25016MEDIUMKibana Unrestricted Upload of FileEPSS 0.3%CVE-2026-25648HIGHTraccar Vulnerable to Stored Cross-Site Scripting (XSS) via Malicious SVG File UploadEPSS 0.3%CVE-2026-40750CRITICALWordPress Kids Online Store theme <= 0.8.9 - Arbitrary File Upload vulnerabilityEPSS 0.3%CVE-2025-64759HIGHHomarr is Vulnerable to Stored Cross-Site Scripting (XSS) and Possible Privilege Escalation via Malicious SVG UploadEPSS 0.3%