Falhas do tipo CWE-434
2.804 resultadosCVE-2025-2219MEDIUMLoveCards LoveCardsV2 image unrestricted uploadEPSS 0.6%CVE-2025-12846HIGHBlocksy Companion <= 2.1.19 - Authenticated (Author+) Arbitrary File Upload via SVG Upload BypassEPSS 0.6%CVE-2025-5746CRITICALDrag and Drop Multiple File Upload (Pro) - WooCommerce <= 1.7.1 and 5.0 - 5.0.5 - Unauthenticated Arbitrary File UploadEPSS 0.6%CVE-2025-9515HIGHMulti Step Form <= 1.7.25 - Authenticated (Admin+) Arbitrary File UploadEPSS 0.6%CVE-2024-48734HIGHUnrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{InternalPath} in SAS Studio 9.4 allows remote attacker to upload malicEPSS 0.6%CVE-2026-6261HIGHBetheme <= 28.4 - Authenticated (Author+) Arbitrary File Upload to Remote Code Execution via Icon Pack UploadEPSS 0.6%CVE-2024-27957CRITICALWordPress Pie Register plugin <= 3.8.3.1 - Unauthenticated Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2021-24620—Simple eCommerce <= 2.2.5 - Arbitrary File UploadEPSS 0.6%CVE-2020-36942HIGHVictor CMS 1.0 - File Upload To RCEEPSS 0.6%CVE-2024-50526CRITICALWordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2025-1598MEDIUMSourceCodester Best Church Management Software asset_crud.php unrestricted uploadEPSS 0.6%CVE-2025-48889MEDIUMGradio Allows Unauthorized File Copy via Path ManipulationEPSS 0.6%CVE-2025-34163CRITICALDongsheng Logistics Software Unauthenticated Arbitrary File UploadEPSS 0.6%CVE-2025-6802CRITICALMarvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution VulnerabilityEPSS 0.6%CVE-2025-55454HIGHAn authenticated arbitrary file upload vulnerability in the component /msg/sendfiles of DooTask v1.0.51 allows attackers to execute arbitrarEPSS 0.6%CVE-2025-54449CRITICALUnrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affEPSS 0.6%CVE-2024-2529MEDIUMMAGESH-K21 Online-College-Event-Hall-Reservation-System rooms.php unrestricted uploadEPSS 0.6%CVE-2024-51791CRITICALWordPress Forms plugin <= 2.8.0 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2023-7159MEDIUMgopeak MasterLab User.php update unrestricted uploadEPSS 0.6%CVE-2024-41339HIGHAn issue in the CGI endpoint used to upload configurations in Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.EPSS 0.6%