16821 matches found
CVE-2025-20326
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...
CVE-2025-20280
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This...
CVE-2025-20280
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This...
CVE-2025-20287
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based...
CVE-2025-20326
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...
CVE-2025-20270
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system. This vulnerability is due to improper validation of reques...
CVE-2025-20330 Cisco Unified Communications Manager IM and Presence Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...
CVE-2025-20330 Cisco Unified Communications Manager IM and Presence Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...
CVE-2025-20280 Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This...
CVE-2025-20280
The CVE-2025-20280 issue affects Cisco EPNM and Cisco Prime Infrastructure, where the web-based management interface improperly validates user input, enabling an authenticated, remote attacker with administrative credentials to perform a stored cross-site scripting (XSS) attack against interface ...
CVE-2025-20326
Cisco Unified Communications Manager (Unified CM) and UCS SME web-based management interface CSRF vulnerability (CVE-2025-20326) allows an unauthenticated, remote attacker to perform arbitrary actions with the privileges of the affected user by tricking them into clicking a malicious link. Impact...
CVE-2025-20326 Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...
CVE-2025-20326 Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...
CVE-2025-20287 Cisco Evolved Programmable Network Manager Arbitrary File Upload Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based...
CVE-2025-20287 Cisco Evolved Programmable Network Manager Arbitrary File Upload Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based...
CVE-2025-20287
Cisco EPNM Arbitrary File Upload (CVE-2025-20287) affects the web-based management interface of Cisco Evolved Programmable Network Manager. Root cause: improper validation of uploaded files via a specific API endpoint, allowing an authenticated attacker with valid Config Managers credentials to u...
CVE-2025-20270
CVE-2025-20270 affects Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure. The issue is an information disclosure caused by improper validation of API endpoint requests in the web-based management interface. An authenticated, low-privileged user could remotely exploi...
CVE-2025-56498
An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit...
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This...
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system. This vulnerability is due to improper validation of reques...