Fallos del tipo CWE-434
2795 resultadosCVE-2024-34833CRITICALSourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unautheEPSS 1.9%CVE-2026-25099HIGHRemote Code Execution via Unrestricted File Upload in BluditEPSS 1.9%CVE-2021-24493—Shopp eCommerce <= 1.4 - Unauthenticated Arbitrary File UploadEPSS 1.9%CVE-2025-15503MEDIUMSangfor Operation and Maintenance Management System common.jsp unrestricted uploadEPSS 1.9%CVE-2021-24224—Easy Form Builder <= 1.0 - Authenticated Arbitrary File UploadEPSS 1.9%CVE-2021-24253—Classyfrieds <= 3.8 - Authenticated Arbitrary File Upload to RCEEPSS 1.9%CVE-2021-24171—WooCommerce Upload Files < 59.4 - Unauthenticated Arbitrary File UploadEPSS 1.9%CVE-2022-2180—GREYD.SUITE < 1.2.7 - Unauthenticated File Upload to RCEEPSS 1.9%CVE-2020-3436HIGHCisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service VulnerabilityEPSS 1.9%CVE-2020-11011CRITICALRCE via file upload in PhprojectEPSS 1.9%CVE-2021-22803—A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number ofEPSS 1.9%CVE-2023-51444HIGHGeoServer arbitrary file upload vulnerability in REST Coverage Store APIEPSS 1.9%CVE-2019-12803HIGHHunesion i-oneNet unrestricted file upload vulnerabilityEPSS 1.9%CVE-2017-6041—An Unrestricted Upload issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A32EPSS 1.8%CVE-2023-5488MEDIUMByzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform updatelib.php unrestricted uploadEPSS 1.8%CVE-2023-5492MEDIUMByzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform licence.php unrestricted uploadEPSS 1.8%CVE-2024-2221CRITICALPath Traversal and Arbitrary File Upload Vulnerability in qdrant/qdrantEPSS 1.8%CVE-2021-24254—College Publisher Import <= 0.1 - Arbitrary File Upload to RCEEPSS 1.8%CVE-2020-12005—FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ContEPSS 1.8%CVE-2023-4225HIGHChamilo LMS File Upload Functionality Remote Code ExecutionEPSS 1.8%