Fallos del tipo CWE-434

2818 resultados
CVE-2026-14776MEDIUMSourceCodester Onlne Examination & Learning Management System Filename Extension upload_files.php pathinfo unrestricted uploadEPSS 0.2%CVE-2023-26098HIGHAn issue was discovered in the Open Document feature in Telindus Apsal 3.14.2022.235 b. An attacker may upload a crafted file to execute arbEPSS 0.2%CVE-2026-28800MEDIUMNatro Macro: Malicious actions allowed through Discord RC Commands by any userEPSS 0.2%CVE-2026-28133HIGHWordPress Filr plugin <= 1.2.14 - Arbitrary File Upload vulnerabilityEPSS 0.2%CVE-2024-41340HIGHAn issue in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862EPSS 0.2%CVE-2026-27605MEDIUMChartbrew: Stored Cross-Site Scripting (XSS) via File Upload APIEPSS 0.2%CVE-2025-54757MEDIUMMultiple versions of PowerCMS allow unrestricted upload of dangerous files. If a product administrator accesses a malicious file uploaded byEPSS 0.2%CVE-2025-12048HIGHAn arbitrary file upload vulnerability was reported in the Lenovo Scanner Pro client during an internal security assessment that could allowEPSS 0.2%CVE-2026-6211HIGHArbitrary File Upload in Global IT's WEOLLEPSS 0.2%CVE-2025-13949MEDIUMProudMuBai GoFilm FileController.go SingleUpload unrestricted uploadEPSS 0.2%CVE-2026-10807MEDIUMmjperpinosa stumasy change_profile_image.php unrestricted uploadEPSS 0.2%CVE-2026-10806MEDIUMmjperpinosa stumasy add_post.php unrestricted uploadEPSS 0.2%CVE-2026-14698MEDIUMSourceCodester Syllabus-Aligned Learning Management and Examination System upload_files.php unrestricted uploadEPSS 0.2%CVE-2026-6835MEDIUMaEnrich|a+HCM - Arbitrary File UploadEPSS 0.2%CVE-2025-14632MEDIUMFilr – Secure document library <= 1.2.11 - Authenticated (Administrator+) Stored Cross-Site Scripting via HTML UploadEPSS 0.2%CVE-2025-60187MEDIUMWordPress Atarim plugin <= 4.2.1 - Arbitrary File Upload vulnerabilityEPSS 0.2%CVE-2025-55810MEDIUMA vulnerability was found in Alaga Home Security WiFi Camera 3K (model S-CW2503C-H) with hardware version V03 and firmware version 1.4.2, whEPSS 0.2%CVE-2025-9795MEDIUMxujeff tianti 天梯 UploadController.java ajaxUploadFile unrestricted uploadEPSS 0.2%CVE-2025-15415MEDIUMxnx3 wangmarket XML File uploadImage.do uploadImage unrestricted uploadEPSS 0.2%CVE-2026-5670MEDIUMCyber-III Student-Management-System upload.php move_uploaded_file unrestricted uploadEPSS 0.2%