Falhas do tipo CWE-434

2.800 resultados
CVE-2024-54918CRITICALKashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File Upload in /teacher_avatar.php.EPSS 0.9%CVE-2019-25630HIGHPhreeBooks ERP 5.2.3 Arbitrary File Upload via Image ManagerEPSS 0.9%CVE-2023-42659CRITICALWS_FTP Server Arbitrary File UploadEPSS 0.9%CVE-2025-46157CRITICALAn issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave requesEPSS 0.9%CVE-2022-0930HIGHFile upload filter bypass leading to stored XSS in microweber/microweberEPSS 0.9%CVE-2024-35570CRITICALAn arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows attackers to executeEPSS 0.9%CVE-2025-34104CRITICALPiwik Authenticated RCE via Custom Plugin UploadEPSS 0.9%CVE-2022-42698CRITICALWordPress Api2Cart Bridge Connector plugin <= 1.1.0 - Arbitrary File Upload vulnerabilityEPSS 0.9%CVE-2023-1942MEDIUMSourceCodester Online Computer and Laptop Store Avatar unrestricted uploadEPSS 0.9%CVE-2022-43265CRITICALAn arbitrary file upload vulnerability in the component /pages/save_user.php of Canteen Management System v1.0 allows attackers to execute aEPSS 0.9%CVE-2025-22654CRITICALWordPress Simplified Plugin Plugin <= 1.0.6 - Arbitrary File Upload vulnerabilityEPSS 0.9%CVE-2024-57169CRITICALA file upload bypass vulnerability exists in SOPlanning 1.53.00, specifically in /process/upload.php. This vulnerability allows remote attacEPSS 0.9%CVE-2022-47854CRITICALi-librarian 4.10 is vulnerable to Arbitrary file upload in ajaxsupplement.php.EPSS 0.9%CVE-2022-0962CRITICALStored XSS viva .webma file upload in star7th/showdocEPSS 0.9%CVE-2025-2512CRITICALFile Away <= 3.9.9.0.1 - Missing Authorization to Unauthenticated File Upload via upload FunctionEPSS 0.9%CVE-2023-1392MEDIUMSourceCodester Online Pizza Ordering System save_menu unrestricted uploadEPSS 0.9%CVE-2023-48394HIGHKaifa Technology WebITR - Arbitrary File UploadEPSS 0.9%CVE-2023-7091MEDIUMDreamer CMS uploadFile unrestricted uploadEPSS 0.9%CVE-2017-9279LOWNetIQ Identity Manager allowed uploading of user icons with incorrect types or extensionsEPSS 0.9%CVE-2023-2424MEDIUMDedeCMS config.php UpDateMemberModCache unrestricted uploadEPSS 0.9%