Lucene search
K

16821 matches found

OSV
OSV
added 2025/09/03 6:15 p.m.1 views

CVE-2025-20326

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...

8.8CVSS5.8AI score0.00167EPSS
Exploits0References1
OSV
OSV
added 2025/09/03 6:15 p.m.4 views

CVE-2025-20280

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This...

4.8CVSS6AI score0.00207EPSS
Exploits0References1
NVD
NVD
added 2025/09/03 6:15 p.m.3 views

CVE-2025-20280

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This...

4.8CVSS0.00207EPSS
Exploits0References1
NVD
NVD
added 2025/09/03 6:15 p.m.7 views

CVE-2025-20287

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based...

8.8CVSS0.00295EPSS
Exploits0References1
NVD
NVD
added 2025/09/03 6:15 p.m.4 views

CVE-2025-20326

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...

8.8CVSS0.00167EPSS
Exploits0References1
NVD
NVD
added 2025/09/03 6:15 p.m.5 views

CVE-2025-20270

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system. This vulnerability is due to improper validation of reques...

6.5CVSS0.00287EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/03 5:40 p.m.3 views

CVE-2025-20330 Cisco Unified Communications Manager IM and Presence Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...

6.1CVSS5.7AI score0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/03 5:40 p.m.19 views

CVE-2025-20330 Cisco Unified Communications Manager IM and Presence Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...

6.1CVSS0.00236EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/03 5:40 p.m.2 views

CVE-2025-20280 Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This...

4.8CVSS5.6AI score0.00207EPSS
Exploits0References1
CVE
CVE
added 2025/09/03 5:40 p.m.21 views

CVE-2025-20280

The CVE-2025-20280 issue affects Cisco EPNM and Cisco Prime Infrastructure, where the web-based management interface improperly validates user input, enabling an authenticated, remote attacker with administrative credentials to perform a stored cross-site scripting (XSS) attack against interface ...

4.8CVSS5.6AI score0.00207EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2025/09/03 5:40 p.m.24 views

CVE-2025-20326

Cisco Unified Communications Manager (Unified CM) and UCS SME web-based management interface CSRF vulnerability (CVE-2025-20326) allows an unauthenticated, remote attacker to perform arbitrary actions with the privileges of the affected user by tricking them into clicking a malicious link. Impact...

8.8CVSS6.4AI score0.00167EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/09/03 5:40 p.m.8 views

CVE-2025-20326 Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...

4.3CVSS0.00167EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/03 5:40 p.m.3 views

CVE-2025-20326 Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...

4.3CVSS6.4AI score0.00167EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/03 5:40 p.m.3 views

CVE-2025-20287 Cisco Evolved Programmable Network Manager Arbitrary File Upload Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based...

4.3CVSS6.5AI score0.00295EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/03 5:40 p.m.12 views

CVE-2025-20287 Cisco Evolved Programmable Network Manager Arbitrary File Upload Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based...

4.3CVSS0.00295EPSS
Exploits0References1
CVE
CVE
added 2025/09/03 5:40 p.m.26 views

CVE-2025-20287

Cisco EPNM Arbitrary File Upload (CVE-2025-20287) affects the web-based management interface of Cisco Evolved Programmable Network Manager. Root cause: improper validation of uploaded files via a specific API endpoint, allowing an authenticated attacker with valid Config Managers credentials to u...

8.8CVSS6.6AI score0.00295EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/09/03 5:39 p.m.24 views

CVE-2025-20270

CVE-2025-20270 affects Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure. The issue is an information disclosure caused by improper validation of API endpoint requests in the web-based management interface. An authenticated, low-privileged user could remotely exploi...

6.5CVSS5.9AI score0.00287EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2025/09/03 4:15 p.m.7 views

CVE-2025-56498

An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit...

5.3CVSS0.01722EPSS
Exploits1References2
Cisco
Cisco
added 2025/09/03 4:0 p.m.10 views

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This...

4.8CVSS6.1AI score0.00207EPSS
Exploits0References1
Cisco
Cisco
added 2025/09/03 4:0 p.m.9 views

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system. This vulnerability is due to improper validation of reques...

4.3CVSS6.5AI score0.00287EPSS
Exploits0References1
Rows per page
Query Builder