Lucene search
K

78 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.10 views

CVE-2020-10557

An issue was discovered in AContent through 1.4. It allows the user to run commands on the server with a low-privileged account. The upload section in the file manager page contains an arbitrary file upload vulnerability via upload.php. The extension .php7 bypasses file upload restrictions...

8.8CVSS7.2AI score0.01373EPSS
Exploits1References1
NVD
NVD
added 2025/11/05 5:15 p.m.27 views

CVE-2025-20304

Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...

5.4CVSS0.00193EPSS
Exploits0References1
CVE
CVE
added 2025/11/05 4:33 p.m.17 views

CVE-2025-20304

CVE-2025-20304: Cisco ISE and ISE-PIC web-based management interfaces contain input-validation flaws that enable a reflected XSS attack by an authenticated, low-privilege user. The issue stems from insufficient validation of user-supplied input on page rendering, allowing injection of malicious s...

5.4CVSS6.5AI score0.00193EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/11/05 4:32 p.m.17 views

CVE-2025-20289

Cisco ISE and Cisco ISE-PIC's web-based management interface authenticate to users and are affected by multiple vulnerabilities allowing reflected XSS due to insufficient input validation. An authenticated, low-privilege attacker can exploit specific pages to run arbitrary script code in the user...

5.4CVSS6.5AI score0.00196EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.17 views

PT-2025-45126

Name of the Vulnerable Software and Affected Versions Cisco ISE and Cisco ISE-PIC affected versions not specified Description The web-based management interface of Cisco ISE and Cisco ISE-PIC contains flaws that may allow an authenticated, remote attacker to conduct a reflected Cross-Site Scripti...

5.4CVSS6.2AI score0.00193EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-24657

Malware in sbrugna...

9CVSS8.8AI score0.02042EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-16129

Malware in sbrugna...

9CVSS9.3AI score0.01351EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-22149

Malware in sbrugna...

8.8CVSS8.6AI score0.01484EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-18850

Malware in sbrugna...

8.1CVSS8.2AI score0.00859EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-3009

Malware in sbrugna...

8.8CVSS8.6AI score0.01373EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-4988

Malicious code in bioql PyPI...

4.6CVSS6.6AI score0.00162EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-38579

Malicious code in bioql PyPI...

7.8CVSS7.8AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 2025/08/06 5:15 p.m.5 views

CVE-2025-20331

A vulnerability in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based managemen...

5.4CVSS0.0022EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/06 4:14 p.m.10 views

CVE-2025-20331 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabiliy

A vulnerability in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based managemen...

5.4CVSS0.0022EPSS
Exploits0References1
NVD
NVD
added 2025/07/07 4:15 p.m.21 views

CVE-2025-53374

Dokploy is a self-hostable Platform as a Service PaaS that simplifies the deployment and management of applications and databases. An authenticated low-privileged account can retrieve detailed profile information about another users in the same organization by directly invoking user.one. The...

5.3CVSS0.00202EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 11:59 a.m.6 views

CVE-2025-20167

A vulnerability in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

5.4CVSS6AI score0.00281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 11:59 a.m.7 views

CVE-2025-20168

A vulnerability in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied...

5.4CVSS6AI score0.00281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:23 a.m.9 views

CVE-2024-20443

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affect...

5.4CVSS6.6AI score0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:48 a.m.12 views

CVE-2024-20514

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...

5.4CVSS5.7AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:25 a.m.10 views

CVE-2019-10940

A vulnerability has been identified in SINEMA Server All versions V14.0 SP2 Update 1. Incorrect session validation could allow an attacker with a valid session, with low privileges, to perform firmware updates and other administrative operations on connected devices. The security vulnerability...

9.9CVSS6.8AI score0.01208EPSS
Exploits0References1
Rows per page
Query Builder