Falhas do tipo CWE-434

2.805 resultados
CVE-2026-0911HIGHHustle <= 7.8.9.2 - Authenticated (Subscriber+) Arbitrary File Upoload via Module ImportEPSS 0.5%CVE-2024-47259LOWGirishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi did not have a sufficient input valEPSS 0.5%CVE-2023-0257MEDIUMSourceCodester Online Food Ordering System Menu Form unrestricted uploadEPSS 0.5%CVE-2026-41938HIGHVvveb < 1.0.8.2 RCE via Media Upload HandlerEPSS 0.5%CVE-2024-7277MEDIUMitsourcecode Alton Management System Add a Menu menu.php unrestricted uploadEPSS 0.5%CVE-2023-4097HIGHMultiple vulnerabilities in IDM Sistemas QSigeEPSS 0.5%CVE-2020-37227HIGHWordPress Plugin HS Brand Logo Slider 2.1 Unrestricted File UploadEPSS 0.5%CVE-2021-24490Email Artillery <= 4.1 - Arbitrary File UploadEPSS 0.5%CVE-2024-54525HIGHA logic issue was addressed with improved file handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visEPSS 0.5%CVE-2020-36882HIGHFlexsense DiskBoss Application Crash Denial of ServiceEPSS 0.5%CVE-2024-57450CRITICALChestnutCMS <=1.5.0 is vulnerable to File Upload via the Create template function.EPSS 0.5%CVE-2023-7330CRITICALRuijie Networks NBR Routers Unauthenticated Arbitrary File Upload via fileupload.phpEPSS 0.5%CVE-2025-57795CRITICALUnauthenticated Remote File Download in Explorance BlueEPSS 0.5%CVE-2024-46625HIGHAn authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers tEPSS 0.5%CVE-2025-9112HIGHDoccure <= 1.5.0 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.5%CVE-2023-42803MEDIUMBigBlueButton Unrestricted File Upload vulnerabilityEPSS 0.5%CVE-2023-51412CRITICALWordPress Piotnet Forms Plugin <= 1.0.25 is vulnerable to Arbitrary File UploadEPSS 0.5%CVE-2023-53871MEDIUMSoosyze 2.0.0 Unrestricted File Upload via Broken Upload LogicEPSS 0.5%CVE-2024-49658CRITICALWordPress Woocommerce Custom Profile Picture plugin <= 1.0 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-37418CRITICALWordPress Church Admin plugin <= 4.4.6 - Arbitrary File Upload vulnerabilityEPSS 0.5%