CWE-434

Exploit likelihood: Medium

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,012 vulnerabilities with CWE-434
CVE-2025-6837 MEDIUM
code-projects Library System 1.0 - Unrestricted Upload
CVSS 6.3
CVE-2025-53260 CRITICAL
File Manager Plugin For WordPress <7.5 - RCE
CVSS 9.1
CVE-2025-49885 CRITICAL
HaruTheme Drag and Drop Multiple File Upload (Pro) - WooCommerce <5...
CVSS 10.0
CVE-2025-30131 CRITICAL
IROAD Dashcam FX2 - RCE
CVSS 9.8
CVE-2025-34046 CRITICAL
Fanwei E-Office <= v9.4 - Unauthenticated RCE
CVE-2025-6667 MEDIUM
Anisha Car Rental System - Improper Access Control
CVSS 6.3
CVE-2025-6435 HIGH
Mozilla Firefox < 140.0 - Unrestricted File Upload
CVSS 8.1
CVE-2025-6206 HIGH
Aiomatic - GPT-3 & GPT-4 - Code Injection
CVSS 7.5
CVE-2025-36519 MEDIUM
WRC-2533GST2, WRC-1167GST2 - Code Injection
CVSS 4.3
CVE-2025-34040 CRITICAL
Zhiyuan OA - RCE
CVE-2025-6466 MEDIUM
Ageerle Ruoyi-ai < 2.0.1 - Improper Access Control
CVSS 6.3
CVE-2025-6422 MEDIUM
Campcodes Online Recruitment Manageme... - Improper Access Control
CVSS 6.3
CVE-2025-4102 HIGH
Fastlinemedia Beaver Builder < 2.9.1.1 - Unrestricted File Upload
CVSS 7.2
CVE-2025-6266 MEDIUM
Teledyne FLIR AX8 <1.46 - Unrestricted Upload
CVSS 6.3
CVE-2025-23171 HIGH
Versa Director - RCE
CVSS 7.2
CVE-2025-46157 CRITICAL
Efrotech Timetrax - Unrestricted File Upload
CVSS 9.9
CVE-2025-6220 HIGH
Ultra Addons for Contact Form 7 <3.5.12 - File Upload
CVSS 7.2
CVE-2025-6086 HIGH
CSV Me plugin - File Upload
CVSS 7.2
CVE-2025-4413 HIGH
Pixabay Images <3.4 - RCE
CVSS 8.8
CVE-2025-34511 HIGH
Sitecore XP CVE-2025-34511 Post-Authentication File Upload
CVSS 8.8
CVE-2025-47866 MEDIUM
Trendmicro Apex Central - Unrestricted File Upload
CVSS 4.3
CVE-2025-49447 CRITICAL
Fastw3b LLC FW Food Menu <6.0.0 - Unrestricted Upload of File with ...
CVSS 10.0
CVE-2025-49444 CRITICAL
Merkulove Reformer for Elementor <1.0.5 - Code Injection
CVSS 10.0
CVE-2025-49071 CRITICAL
NasaTheme Flozen - RCE
CVSS 10.0
CVE-2025-47559 CRITICAL
RomanCode MapSVG <8.5.32 - RCE
CVSS 9.9