Lucene search
K

2686 matches found

NVD
NVD
added 2026/04/15 5:17 p.m.3 views

CVE-2026-20078

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS0.00388EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/15 4:3 p.m.4 views

CVE-2026-20081 Cisco Unity Connection Arbitrary File Download Vulnerability

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS6AI score0.00388EPSS
Exploits0References1
CVE
CVE
added 2026/04/15 4:3 p.m.15 views

CVE-2026-20081

Cisco Unity Connection is affected by CVE-2026-20081, which involves multiple vulnerabilities caused by improper sanitization of user input in the web-based management interface. An authenticated attacker with valid administrative credentials can trigger a crafted HTTPS request to download arbitr...

6.5CVSS6AI score0.00388EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/15 4:3 p.m.2 views

CVE-2026-20081

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS6AI score0.00388EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/15 4:3 p.m.18 views

CVE-2026-20081 Cisco Unity Connection Arbitrary File Download Vulnerability

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS0.00388EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/15 4:3 p.m.4 views

CVE-2026-20078 Cisco Unity Connection Arbitrary File Download Vulnerability

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS6AI score0.00388EPSS
Exploits0References1
CVE
CVE
added 2026/04/15 4:3 p.m.15 views

CVE-2026-20078

Product/affected component: Cisco Unity Connection (web-based management interface). Vulnerability: Multiple input sanitization failures allow an authenticated, remote attacker to download arbitrary files from the affected system. Prerequisites: Valid administrative credentials. Attack vector: Ne...

6.5CVSS6AI score0.00388EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/15 4:3 p.m.18 views

CVE-2026-20078 Cisco Unity Connection Arbitrary File Download Vulnerability

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS0.00388EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/15 4:0 p.m.29 views

Cisco Unity Connection Arbitrary File Download Vulnerabilities

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS6AI score
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.11 views

Cisco Unity Connection(UC) 安全漏洞

Cisco Unity Connection is a voice messaging platform developed by Cisco, a company based in the United States. This platform allows users to make calls or listen to voic messages using voice commands. There is a security vulnerability in Cisco Unity Connection, which stems from improper user inpu...

6.5CVSS6AI score0.00388EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.5 views

PT-2026-33083

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS6AI score0.00388EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.9 views

Cisco Unity Connection 安全漏洞

Cisco Unity Connection is a voice messaging platform developed by Cisco, a company based in the United States. This platform allows users to make calls or listen to voic messages using voice commands. There is a security vulnerability in Cisco Unity Connection, which stems from improper user inpu...

6.5CVSS6AI score0.00388EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.9 views

Krajowa Izba Rozliczeniowa Szafir SDK Web 安全漏洞

Krajowa Izba Rozliczeniowa Szafir SDK Web is a development toolkit for electronic signatures and identity authentication provided by the Polish company Krajowa Izba Rozliczeniowa. Versions of Krajowa Izba Rozliczeniowa Szafir SDK Web prior to 0.0.17.4 contained security vulnerabilities. These...

5.1CVSS5.9AI score0.00266EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/03/30 12:36 p.m.4 views

WordPress Shared Files plugin < 1.7.58 - Contributor+ Arbitrary File Download vulnerability

Contributor+ Arbitrary File Download vulnerability discovered by Muhammad Rohan khan in WordPress Plugin Shared Files versions 1.7.58...

6.8CVSS5.9AI score0.0043EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/26 6:0 a.m.27 views

CVE-2025-15433 Shared Files < 1.7.58 - Contributor+ Arbitrary File Download

The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...

0.0043EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 6:0 a.m.15 views

CVE-2025-15433

The Shared Files WordPress plugin, versions before 1.7.58, is affected by a path traversal vulnerability that allows users with a role as low as Contributor to arbitrarily download any file on the web server (e.g., wp-config.php). Root cause: improper validation in file download logic. Affected p...

6.8CVSS5.8AI score0.0043EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/26 6:0 a.m.3 views

CVE-2025-15433 Shared Files < 1.7.58 - Contributor+ Arbitrary File Download

The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...

5.8AI score0.0043EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.8 views

PT-2026-28212

The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...

5.8AI score0.0043EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.10 views

WordPress plugin Shared Files 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.8CVSS5.8AI score0.0043EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/22 12:0 a.m.7 views

NetNumber Titan Master 路径遍历漏洞

NetNumber Titan Master is a number management platform developed by the American company NetNumber. The version 7.9.1 of NetNumber Titan Master contains a path traversal vulnerability. This vulnerability stems from the drp endpoint’s lack of protection against path traversal, allowing authenticat...

7.1CVSS5.9AI score0.00622EPSS
Exploits0References3
Rows per page
Query Builder