2686 matches found
CVE-2026-20078
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
CVE-2026-20081 Cisco Unity Connection Arbitrary File Download Vulnerability
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
CVE-2026-20081
Cisco Unity Connection is affected by CVE-2026-20081, which involves multiple vulnerabilities caused by improper sanitization of user input in the web-based management interface. An authenticated attacker with valid administrative credentials can trigger a crafted HTTPS request to download arbitr...
CVE-2026-20081
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
CVE-2026-20081 Cisco Unity Connection Arbitrary File Download Vulnerability
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
CVE-2026-20078 Cisco Unity Connection Arbitrary File Download Vulnerability
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
CVE-2026-20078
Product/affected component: Cisco Unity Connection (web-based management interface). Vulnerability: Multiple input sanitization failures allow an authenticated, remote attacker to download arbitrary files from the affected system. Prerequisites: Valid administrative credentials. Attack vector: Ne...
CVE-2026-20078 Cisco Unity Connection Arbitrary File Download Vulnerability
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
Cisco Unity Connection Arbitrary File Download Vulnerabilities
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
Cisco Unity Connection(UC) 安全漏洞
Cisco Unity Connection is a voice messaging platform developed by Cisco, a company based in the United States. This platform allows users to make calls or listen to voic messages using voice commands. There is a security vulnerability in Cisco Unity Connection, which stems from improper user inpu...
PT-2026-33083
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
Cisco Unity Connection 安全漏洞
Cisco Unity Connection is a voice messaging platform developed by Cisco, a company based in the United States. This platform allows users to make calls or listen to voic messages using voice commands. There is a security vulnerability in Cisco Unity Connection, which stems from improper user inpu...
Krajowa Izba Rozliczeniowa Szafir SDK Web 安全漏洞
Krajowa Izba Rozliczeniowa Szafir SDK Web is a development toolkit for electronic signatures and identity authentication provided by the Polish company Krajowa Izba Rozliczeniowa. Versions of Krajowa Izba Rozliczeniowa Szafir SDK Web prior to 0.0.17.4 contained security vulnerabilities. These...
WordPress Shared Files plugin < 1.7.58 - Contributor+ Arbitrary File Download vulnerability
Contributor+ Arbitrary File Download vulnerability discovered by Muhammad Rohan khan in WordPress Plugin Shared Files versions 1.7.58...
CVE-2025-15433 Shared Files < 1.7.58 - Contributor+ Arbitrary File Download
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
CVE-2025-15433
The Shared Files WordPress plugin, versions before 1.7.58, is affected by a path traversal vulnerability that allows users with a role as low as Contributor to arbitrarily download any file on the web server (e.g., wp-config.php). Root cause: improper validation in file download logic. Affected p...
CVE-2025-15433 Shared Files < 1.7.58 - Contributor+ Arbitrary File Download
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
PT-2026-28212
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
WordPress plugin Shared Files 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
NetNumber Titan Master 路径遍历漏洞
NetNumber Titan Master is a number management platform developed by the American company NetNumber. The version 7.9.1 of NetNumber Titan Master contains a path traversal vulnerability. This vulnerability stems from the drp endpoint’s lack of protection against path traversal, allowing authenticat...