Fallos del tipo CWE-434

2804 resultados
CVE-2025-5299MEDIUMSourceCodester Client Database Management System user_order_customer_update.php unrestricted uploadEPSS 0.5%CVE-2024-8463CRITICALFile upload restriction bypass vulnerability in Job PortalEPSS 0.5%CVE-2025-12201MEDIUMajayrandhawa User-Management-PHP-MYSQL User Management edit-user.php unrestricted uploadEPSS 0.5%CVE-2023-7054MEDIUMPHPGurukul Online Notes Sharing System add-notes.php unrestricted uploadEPSS 0.5%CVE-2024-11054MEDIUMSourceCodester Simple Music Cloud Community System ajax.php unrestricted uploadEPSS 0.5%CVE-2024-0192MEDIUMRRJ Nueva Ecija Engineer Online Portal Add Downloadable downloadable.php unrestricted uploadEPSS 0.5%CVE-2025-29093HIGHFile Upload vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Content/GaEPSS 0.5%CVE-2024-35746CRITICALWordPress BuddyPress Cover plugin <= 2.1.4.2 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-42523HIGHpubliccms V4.0.202302.e and before is vulnerable to Any File Upload via publiccms/admin/cmsTemplate/saveMetaDataEPSS 0.5%CVE-2026-29859CRITICALAn arbitrary file upload vulnerability in aaPanel v7.57.0 allows attackers to execute arbitrary code via uploading a crafted file.EPSS 0.5%CVE-2025-12181HIGHContentStudio <= 1.3.7 - Authenticated (Author+) Arbitrary File UploadEPSS 0.5%CVE-2025-15226CRITICALSunnet|WMPro - Arbitrary File UploadEPSS 0.5%CVE-2026-10071CRITICALInterinfo|DreamMaker - Arbitrary File UploadEPSS 0.5%CVE-2024-49652CRITICALWordPress 3D Work In Progress plugin <= 1.0.3 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-6948MEDIUMGargaj wuhu Slide Editor slideeditor.php unrestricted uploadEPSS 0.5%CVE-2024-49671CRITICALWordPress AI Postpix plugin <= 1.1.8 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-23921CRITICALWordPress Multi Uploader for Gravity Forms plugin <= 1.1.3 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-15228CRITICALWELLTEND TECHNOLOGY| BPMFlowWebkit - Arbitrary File UploadEPSS 0.5%CVE-2024-49669CRITICALWordPress INK Official plugin <= 4.1.2 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-50002CRITICALWordPress Energia theme <= 1.1.2 - Arbitrary File Upload vulnerabilityEPSS 0.5%