Falhas do tipo CWE-434
2.782 resultadosCVE-2024-53677CRITICALApache Struts: Mixing setters for uploaded files and normal fields can allow bypass file upload checksEPSS 78.2%CVE-2021-21346MEDIUMXStream is vulnerable to an Arbitrary Code Execution attackEPSS 76.9%CVE-2021-21344MEDIUMXStream is vulnerable to an Arbitrary Code Execution attackEPSS 76.5%CVE-2023-4220HIGHChamilo LMS Unauthenticated Big Upload File Remote Code ExecutionEPSS 76.1%CVE-2023-3486HIGHPaperCut NG Unauthenticated File UploadEPSS 75.8%CVE-2017-11357CRITICALProgress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackeEPSS 75.7%KEVCVE-2023-3836MEDIUMDahua Smart Park Management unrestricted uploadEPSS 73.5%CVE-2023-2034CRITICALUnrestricted Upload of File with Dangerous Type in froxlor/froxlorEPSS 73.2%CVE-2025-34299CRITICALMonsta FTP <= 2.11 Unauthenticated Arbitrary File UploadEPSS 72.0%CVE-2024-0352HIGHLikeshop HTTP POST Request File.php userFormImage unrestricted uploadEPSS 70.7%CVE-2021-34995HIGHThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authEPSS 68.9%CVE-2024-29848HIGHAn unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x allows an authenticated, privileged user to execEPSS 64.4%CVE-2019-8394HIGHZoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customizatEPSS 64.1%KEVCVE-2023-51409CRITICALWordPress AI Engine plugin <= 1.9.98 - Unauthenticated Arbitrary File Upload vulnerabilityEPSS 63.3%CVE-2023-38095HIGHNETGEAR ProSAFE Network Management System MFileUploadController Unrestricted File Upload Remote Code Execution VulnerabilityEPSS 62.5%CVE-2023-27179HIGHGDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdowEPSS 60.8%CVE-2021-24499—Workreap theme < 2.2.2 - Unauthenticated Upload Leading to Remote Code ExecutionEPSS 60.4%CVE-2023-0587CRITICALA file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT mesEPSS 59.6%CVE-2021-43829HIGHUnrestricted Upload of Files in PatrowlEPSS 59.2%CVE-2021-39352HIGHCatch Themes Demo Import <= 1.7 Admin+ Arbitrary File UploadEPSS 56.6%