Fallos del tipo CWE-434
2804 resultadosCVE-2025-7075MEDIUMBlackVue Dashcam 590X HTTP Endpoint upload.cgi unrestricted uploadEPSS 0.8%CVE-2022-3129MEDIUMcodeprojects Online Driving School registration.php unrestricted uploadEPSS 0.8%CVE-2023-24045MEDIUMIn Dataiku DSS 11.2.1, an attacker can download other Dataiku files that were uploaded to the myfiles section by specifying the target usernEPSS 0.8%CVE-2022-45171HIGHAn issue was discovered in LIVEBOX Collaboration vDesk through v018. An Unrestricted Upload of a File with a Dangerous Type can occur under EPSS 0.8%CVE-2024-5518MEDIUMitsourcecode Online Discussion Forum change_profile_picture.php unrestricted uploadEPSS 0.8%CVE-2024-1008MEDIUMSourceCodester Employee Management System Profile Page edit-photo.php unrestricted uploadEPSS 0.8%CVE-2025-29017HIGHA Remote Code Execution (RCE) vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in theEPSS 0.7%CVE-2022-31041HIGHInsufficient content-type validation for uploaded files in open-formsEPSS 0.7%CVE-2024-24146MEDIUMA memory leak issue discovered in parseSWF_DEFINEBUTTON in libming v0.4.8 allows attackers to cause s denial of service via a crafted SWF fiEPSS 0.7%CVE-2023-1185MEDIUMECshop New Product unrestricted uploadEPSS 0.7%CVE-2023-1184MEDIUMECshop Backup Database database.php unrestricted uploadEPSS 0.7%CVE-2024-32161CRITICALjizhiCMS 2.5 suffers from a File upload vulnerability.EPSS 0.7%CVE-2014-125104MEDIUMVaultPress Plugin MailPoet Plugin class.vaultpress-hotfixes.php protect_aioseo_ajax unrestricted uploadEPSS 0.7%CVE-2023-30264CRITICALCLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update.EPSS 0.7%CVE-2023-39548—CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleEPSS 0.7%CVE-2023-3804MEDIUMChengdu Flash Flood Disaster Monitoring and Warning System FileHandler.ashx unrestricted uploadEPSS 0.7%CVE-2024-11017HIGHGrand Vice info Webopac - Arbitrary File UploadEPSS 0.7%CVE-2021-31314CRITICALFile upload vulnerability in ejinshan v8+ terminal security system allows attackers to upload arbitrary files to arbitrary locations on the EPSS 0.7%CVE-2022-23026—On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12EPSS 0.7%CVE-2024-0194MEDIUMCodeAstro Internet Banking System Profile Picture pages_account.php unrestricted uploadEPSS 0.7%