CVE-2026-20175

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

CVE-2026-20175 Cisco Finesse File Inclusion Vulnerability

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

CVE-2026-20175

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

Cisco Finesse 安全漏洞

Cisco Finesse is a call center management software developed by the American company Cisco. There is a security vulnerability in Cisco Finesse, which stems from insufficient validation of HTTP request inputs provided to users. This vulnerability could allow unauthorized remote attackers to load...

The vulnerability of the resize() and text() methods of the ImageMagick framework, which are used for developing web systems and CodeIgniter applications, allows attackers to load arbitrary files.

The vulnerability of the resize and text methods of the ImageMagick framework used for developing web systems and CodeIgniter applications relates to the lack of measures taken to neutralize special elements used in the operating system command line. Exploiting this vulnerability allows a remote...

The vulnerability of the VMware Aria Operations for Logs network log analysis tool relates to the possibility of bypassing authentication, allowing an attacker to execute arbitrary code.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool is related to the possibility of bypassing authentication. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading files into the device’s operating system remotely...

SUSE CVE-2005-0141

Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab...

SUSE CVE-2006-3812

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links...

The vulnerability of the packet handler in the centralized video surveillance equipment management system of Dahua DSS Professional and DSS Express, as well as the DHI-DSS4004-S2/DHI-DSS7016D-S2/DHI-DSS7016DR-S2 video surveillance management servers, allows a intruder to load arbitrary files into the system.

The vulnerability of the packet handler in the centralized video surveillance equipment management system of Dahua DSS Professional and DSS Express, as well as the DHI-DSS4004-S2/DHI-DSS7016D-S2/DHI-DSS7016DR-S2 video surveillance management servers, is related to the ability to load unlimited...

CVE-2005-0141

Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab...