CWE-434

Medium likelihood

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,011 vulnerabilities with CWE-434
CVE-2025-61768 MEDIUM
KUNO CMS <1.3.15 - SSRF
CVE-2025-61687 HIGH
FlowiseAI 3.0.7 - RCE
CVSS 8.3
CVE-2025-11320 MEDIUM
zhuimengshaonian wisdom-education <1.0.4 - Unrestricted Upload
CVSS 6.3
CVE-2025-11318 HIGH
Tipray Data Leakage Prevention System 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2025-61681 MEDIUM
KUNO CMS <1.3.13 - XSS
CVSS 5.4
CVE-2025-9561 HIGH
AP Background plugin <3.8.2 - RCE
CVSS 8.8
CVE-2025-9212 HIGH
WP Dispatcher <1.2.0 - RCE
CVSS 7.5
CVE-2025-59835 HIGH
LangBot <4.3.5 - Privilege Escalation
CVE-2025-11221 HIGH
GTONE ChangeFlow <9.0.1.1 - Path Traversal
CVSS 8.8
CVE-2025-11020 HIGH
MarkAny SafePC Enterprise <7.0.1 - SQL Injection
CVSS 8.8
CVE-2025-56515 HIGH
Suisuijiang Fiora - XSS
CVSS 8.8
CVE-2025-8120 CRITICAL
Widzialni Pad Cms < 1.2.1 - Unrestricted File Upload
CVSS 9.8
CVE-2025-7065 CRITICAL
Widzialni Pad Cms < 1.2.1 - Unrestricted File Upload
CVSS 9.8
CVE-2025-7063 CRITICAL
Widzialni Pad Cms < 1.2.1 - Unrestricted File Upload
CVSS 9.8
CVE-2025-10000 MEDIUM
Qyrr WordPress <2.0.7 - RCE
CVSS 6.4
CVE-2025-34222 CRITICAL
Vasion Virtual Appliance Application - Missing Authentication
CVSS 9.1
CVE-2025-35032 LOW
Mieweb Enterprise Health - Unrestricted File Upload
CVSS 3.4
CVE-2025-11136 MEDIUM
YiFang CMS <2.0.2 - Unrestricted Upload
CVSS 4.7
CVE-2025-11103 MEDIUM
Projectworlds Online Tours and Travels 1.0 - Unrestricted Upload
CVSS 4.7
CVE-2025-11078 MEDIUM
itsourcecode Open Source Job Portal 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2025-10544 HIGH
DocAve 6.13.2-4.7.1 - Unrestricted File Upload
CVE-2025-60219 CRITICAL
HaruTheme WooCommerce Designer Pro <1.9.24 - RCE
CVSS 10.0
CVE-2025-1862 MEDIUM
WSO2 products - RCE
CVSS 6.7
CVE-2025-10747 HIGH
WP-DownloadManager <1.68.11 - File Upload
CVSS 7.2
CVE-2025-59525 MEDIUM
Horilla < 1.4.0 - XSS
CVSS 6.1