Lucene search
K

16831 matches found

CNNVD
CNNVD
added 2025/06/09 12:0 a.m.3 views

Papendorf Software Engineering GmbH Papendorf SOL Connect Center 访问控制错误漏洞

Papendorf Software Engineering GmbH Papendorf SOL Connect Center is a solar photovoltaic management system from Papendorf Software Engineering GmbH, Germany. An access control error vulnerability exists in Papendorf Software Engineering GmbH Papendorf SOL Connect Center version 3.3.0.0, which ste...

6.9CVSS5.7AI score0.00414EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/06/09 12:0 a.m.2 views

CyberData 011209 Intercom 安全漏洞

CyberData 011209 Intercom is an emergency calling device from CyberData, Inc. A security vulnerability exists in CyberData 011209 Intercom that originates from an unauthorized user being able to access the web interface via an alternate path...

9.8CVSS6.6AI score0.00467EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/09 12:0 a.m.6 views

PT-2025-24415 · Trendnet · Trendnet Tv-Ip121Wn

Name of the Vulnerable Software and Affected Versions: TRENDnet TV-IP121W version 1.1.1 Build 36 Description: A critical vulnerability has been found in the Web Interface of TRENDnet TV-IP121W, affecting an unknown functionality of the file /admin/setup.cgi. This vulnerability leads to improper...

7.5CVSS7.2AI score0.00402EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/06/09 12:0 a.m.6 views

PT-2025-24570 · Cyberdata · Cyberdata 011209 Intercom

Name of the Vulnerable Software and Affected Versions: CyberData 011209 Intercom affected versions not specified Description: The issue allows an unauthenticated user to access the Web Interface through an alternate path. Recommendations: At the moment, there is no information about a newer versi...

9.8CVSS6.2AI score0.00467EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.5 views

The vulnerability in the web interface for controlling microprogrammed IP phones of the Cisco Small Business SPA500 series allows attackers to perform cross-site scripting attacks.

The vulnerability in the web interface for managing microprogrammed IP phones of the Cisco Small Business SPA500 series is related to the lack of measures taken to neutralize HTML tags. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

5.8CVSS6.1AI score0.00368EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/06 5:21 p.m.14 views

CVE-2025-20129

A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform CCP, formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data. This vulnerability is due to improper sanitization of HTTP requests that are sent...

5.4CVSS6.8AI score0.00302EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/06/05 12:0 a.m.9 views

The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to execute arbitrary code.

The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

4.3CVSS5.9AI score0.13093EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2025/06/04 5:15 p.m.4 views

CVE-2025-20279

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

4.8CVSS5.8AI score0.00213EPSS
Exploits0References1
OSV
OSV
added 2025/06/04 5:15 p.m.1 views

CVE-2025-20277

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper...

6.7CVSS6.1AI score0.00147EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/06/04 5:15 p.m.2 views

CVE-2025-20276

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insecure...

7.2CVSS6.3AI score0.00362EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/06/04 5:15 p.m.3 views

CVE-2025-20273

A vulnerability in the web-based management interface of Cisco Unified Intelligent Contact Management Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. This...

6.1CVSS6AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2025/06/04 5:15 p.m.3 views

CVE-2025-20276

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insecure...

7.2CVSS6.2AI score0.00362EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/04 4:18 p.m.11 views

CVE-2025-20279 Cisco Unifed Contact Center Express Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

4.8CVSS0.00213EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/04 4:17 p.m.36 views

CVE-2025-20129 Cisco Customer Collaboration Platform Information Disclosure Vulnerability

A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform CCP, formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data. This vulnerability is due to improper sanitization of HTTP requests that are sent...

4.3CVSS0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/04 7:15 a.m.5 views

CVE-2025-5113

The Diviotec professional series exposes a web interface. One endpoint is vulnerable to arbitrary command injection and hardcoded passwords are used...

8.6CVSS7.5AI score0.06793EPSS
Exploits0References1
Fedora
Fedora
added 2025/06/04 3:35 a.m.11 views

[SECURITY] Fedora 41 Update: nextcloud-31.0.5-1.fc41

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

7.5CVSS7.6AI score0.00394EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/04 12:0 a.m.4 views

The vulnerability of the web interface of the IBM Sterling B2B Integrator software allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.

The vulnerability of the web interface of the IBM Sterling B2B Integrator software solution relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code and gain unauthorized access to protected...

5.5CVSS6AI score0.00265EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/04 12:0 a.m.3 views

PT-2025-23824 · Cisco · Cisco Unified Ccx

Name of the Vulnerable Software and Affected Versions: Cisco Unified CCX affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to execute arbitrary code on an affected device. The attacker must have valid...

7.2CVSS7.3AI score0.00362EPSS
Exploits0References8
NVD
NVD
added 2025/06/02 8:15 a.m.9 views

CVE-2025-5113

The Diviotec professional series exposes a web interface. One endpoint is vulnerable to arbitrary command injection and hardcoded passwords are used...

8.6CVSS0.06793EPSS
Exploits0References1
NVD
NVD
added 2025/06/02 8:15 a.m.12 views

CVE-2025-0325

A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web interface of the Axis device...

4.3CVSS0.00322EPSS
Exploits0References1
Rows per page
Query Builder