Fallos del tipo CWE-434

2804 resultados
CVE-2022-40981MEDIUMETIC Telecom Remote Access Server Unrestricted Upload of File with Dangerous TypeEPSS 0.5%CVE-2024-10293MEDIUMZZCMS functions.php Ebak_SetGotoPak unrestricted uploadEPSS 0.5%CVE-2023-42472HIGHInsufficient File type validation in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface)EPSS 0.5%CVE-2025-1862MEDIUMAuthenticated Arbitrary File Upload in Multiple WSO2 Products via BPEL Uploader SOAP Service Leading to Remote Code ExecutionEPSS 0.5%CVE-2024-50527CRITICALWordPress Stacks Mobile App Builder plugin <= 5.2.3 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-7879MEDIUMMetasoft 美特软件 MetaCRM mobileupload.jsp unrestricted uploadEPSS 0.5%CVE-2024-49314CRITICALWordPress JiangQie Free Mini Program plugin <= 2.5.2 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-50525CRITICALWordPress Helloprint plugin <= 2.0.4 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-7877MEDIUMMetasoft 美特软件 MetaCRM sendfile.jsp unrestricted uploadEPSS 0.5%CVE-2024-49327CRITICALWordPress Woostagram Connect plugin <= 1.0.2 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-49329CRITICALWordPress WP REST API FNS plugin <= 1.0.0 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-50496CRITICALWordPress AR For WordPress plugin <= 6.6 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-49610CRITICALWordPress photokit plugin <= 1.0 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-37132HIGHAuthenticated Remote Code Execution Vulnerability in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File WriteEPSS 0.5%CVE-2024-50420CRITICALWordPress aDirectory plugin <= 1.3 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-49326CRITICALWordPress Affiliator plugin <= 2.1.3 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2026-41587HIGHCI4MS: Unrestricted PHP File Upload via Theme Installation Leads to Authenticated Remote Code ExecutionEPSS 0.5%CVE-2024-50523CRITICALWordPress All Post Contact Form plugin <= 1.8.2 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-50495CRITICALWordPress Plugin Propagator plugin <= 0.1 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2025-54440CRITICALUnrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affEPSS 0.5%