Falhas do tipo CWE-434
2.786 resultadosCVE-2026-21877CRITICALn8n is vulnerable to Remote Code Execution via Arbitrary File WriteEPSS 5.3%CVE-2025-3515HIGHDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist ChecksEPSS 5.1%CVE-2022-44384HIGHAn arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file.EPSS 5.0%CVE-2021-36741HIGHAn improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 1EPSS 5.0%KEVCVE-2025-47577CRITICALWordPress TI WooCommerce Wishlist plugin <= 2.9.2 - Arbitrary File Upload VulnerabilityEPSS 4.9%CVE-2022-42040CRITICALThe d8s-algorithms package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The bEPSS 4.8%CVE-2021-39151HIGHXStream is vulnerable to an Arbitrary Code Execution attackEPSS 4.8%CVE-2021-39149HIGHXStream is vulnerable to an Arbitrary Code Execution attackEPSS 4.8%CVE-2021-39147HIGHXStream is vulnerable to an Arbitrary Code Execution attackEPSS 4.8%CVE-2021-39154HIGHXStream is vulnerable to an Arbitrary Code Execution attackEPSS 4.8%CVE-2021-39148HIGHXStream is vulnerable to an Arbitrary Code Execution attackEPSS 4.8%CVE-2024-34982CRITICALAn arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5 allows attackers to execute arbitrary code vEPSS 4.7%CVE-2020-36849CRITICALAIT CSV import/export <= 3.0.3 - Unauthenticated Arbitrary File UploadEPSS 4.7%CVE-2024-33752MEDIUMAn arbitrary file upload vulnerability exists in emlog pro 2.3.0 and pro 2.3.2 at admin/views/plugin.php that could be exploited by a remoteEPSS 4.6%CVE-2024-43160CRITICALWordPress BerqWP plugin <= 1.7.6 - Unauthenticated Arbitrary File Upload vulnerabilityEPSS 4.6%CVE-2024-27115CRITICALRemote Code Execution through File Upload in SOPlanning before 1.52.02EPSS 4.6%CVE-2021-39139HIGHXStream is vulnerable to an Arbitrary Code Execution attackEPSS 4.6%CVE-2021-39153HIGHXStream is vulnerable to an Arbitrary Code Execution attackEPSS 4.5%CVE-2026-1306CRITICALmidi-Synth <= 1.1.0 - Unauthenticated Arbitrary File Upload via 'export' AJAX ActionEPSS 4.5%CVE-2023-1826MEDIUMSourceCodester Online Computer and Laptop Store index.php unrestricted uploadEPSS 4.4%