Falhas do tipo CWE-434
2.786 resultadosCVE-2022-34128CRITICALThe Cartography (aka positions) plugin before 6.0.1 for GLPI allows remote code execution via PHP code in the POST data to front/upload.php.EPSS 7.7%CVE-2025-54441HIGHUnrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affEPSS 7.4%CVE-2021-24236—Imagements <= 1.2.5 - Unauthenticated Arbitrary File Upload to RCEEPSS 7.1%CVE-2025-13065HIGHStarter Templates <= 4.4.41 - Authenticated (Author+) Arbitrary File Upload via WXR Upload BypassEPSS 7.1%CVE-2020-36705CRITICALAdning Advertising <= 1.5.5 - Arbitrary File UploadEPSS 6.9%CVE-2025-54439HIGHUnrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affEPSS 6.9%CVE-2021-34624CRITICALProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in File Uploader ComponentEPSS 6.7%CVE-2017-3189—The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to arbitrary file uploadEPSS 6.5%CVE-2025-5961HIGHMigration, Backup, Staging – WPvivid Backup & Migration <= 0.9.116 - Authenticated (Administrator+) Arbitrary File UploadEPSS 6.5%CVE-2020-20969HIGHFile Upload vulnerability in PluckCMS v.4.7.10 allows a remote attacker to execute arbitrary code via the trashcan_restoreitem.php file.EPSS 6.3%CVE-2024-2561MEDIUM74CMS Company Logo Index.php#sendCompanyLogo unrestricted uploadEPSS 6.1%CVE-2021-37608—Arbitrary file upload vulnerability in OFBizEPSS 6.0%CVE-2023-5144MEDIUMD-Link DAR-7000/DAR-8000 updateos.php unrestricted uploadEPSS 6.0%CVE-2023-0455HIGHUnrestricted Upload of File with Dangerous Type in unilogies/bumsysEPSS 5.7%CVE-2024-2667CRITICALInstaWP Connect – 1-click WP Staging & Migration <= 0.1.0.22 - Unauthenticated Arbitrary File UploadEPSS 5.7%CVE-2024-0300MEDIUMByzoro Smart S150 Management Platform HTTP POST Request userattestation.php unrestricted uploadEPSS 5.7%CVE-2025-6058CRITICALWPBookit <= 1.0.4 - Unauthenticated Arbitrary File UploadEPSS 5.6%CVE-2020-24407CRITICALArbitrary code execution via file import functionalityEPSS 5.5%CVE-2016-15042CRITICALFrontend File Manager < 4.0 & N-Media Post Front-end Form < 1.1 & - Arbitrary File UploadEPSS 5.5%CVE-2021-4449CRITICALZoomSounds <= 5.96 - Unauthenticated Arbitrary File UploadEPSS 5.3%