CWE-434 flaws
2,804 results

CVE-2025-54448 | CRITICAL | Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection. This issue aff | EPSS 0.6%
CVE-2024-9904 | MEDIUM | 07FLYCMS/07FLY-CMS/07FlyCRM pictureUpload unrestricted upload | EPSS 0.6%
CVE-2025-54444 | CRITICAL | Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection. This issue aff | EPSS 0.6%
CVE-2024-11674 | MEDIUM | CodeAstro Hospital Management System his_doc_update-account.php unrestricted upload | EPSS 0.6%
CVE-2024-9815 | MEDIUM | Codezips Tourist Management System create-package.php unrestricted upload | EPSS 0.6%
CVE-2024-1925 | MEDIUM | Ctcms Upsys.php unrestricted upload | EPSS 0.6%
CVE-2019-25296 | CRITICAL | WP Cost Estimation <= 9.642 - Missing Authorization to Arbitrary File Upload/Delete | EPSS 0.6%
CVE-2024-9816 | MEDIUM | Codezips Tourist Management System change-image.php unrestricted upload | EPSS 0.6%
CVE-2024-7495 | MEDIUM | itsourcecode Laravel Accounting System HomeController.php unrestricted upload | EPSS 0.6%
CVE-2024-13418 | HIGH | Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload | EPSS 0.6%
CVE-2015-1785 | — | In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the we | EPSS 0.6%
CVE-2023-51421 | CRITICAL | WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Arbitrary File Upload | EPSS 0.6%
CVE-2024-48180 | CRITICAL | ClassCMS <=4.8 is vulnerable to file inclusion in the nowView method in /class/cms/cms.php, which can include a file uploaded to the /class/te | EPSS 0.6%
CVE-2025-7438 | HIGH | MasterStudy LMS – Online Courses, eLearning PRO Plus <= 4.7.9 - Authenticated (Subscriber+) Arbitrary File Upload | EPSS 0.6%
CVE-2024-8746 | HIGH | File Manager Pro <= 8.3.9 - Unauthenticated Backup File Download and Upload | EPSS 0.6%
CVE-2025-12682 | CRITICAL | Easy Upload Files During Checkout <= 2.9.8 - Unauthenticated Arbitrary JavaScript File Upload | EPSS 0.6%
CVE-2024-2059 | MEDIUM | SourceCodester Petrol Pump Management Software service_crud.php unrestricted upload | EPSS 0.6%
CVE-2024-3123 | HIGH | CHANGING Mobile One Time Password - Arbitrary File Upload | EPSS 0.6%
CVE-2024-1262 | MEDIUM | Juanpao JPShop API MaterialController.php actionUpdate unrestricted upload | EPSS 0.6%
CVE-2024-1260 | MEDIUM | Juanpao JPShop API ComboController.php actionIndex unrestricted upload | EPSS 0.6%