Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2025-28951
CRITICAL CVSS 9.1
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image bulk-featured-image allows Upload a Web Shell to a Web Server.This issue affects Bulk Featured Image: fro
CVE-2025-39380
CRITICAL CVSS 10.0
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla Hospital Management System hospital-management allows Upload a Web Shell to a Web Server.This issue affects Hospital Managemen
CVE-2025-0471
CRITICAL CVSS 9.8
Find Similar
Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above. This vulnerability could allow an attacker to upload a file to gain remote access to the machine, being
CVE-2026-32524
CRITICAL CVSS 9.1
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through <= 6.4.9.
CVE-2025-22782
CRITICAL CVSS 9.9
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce wr-price-list-for-woocommerce allows Upload a Web Shell to a Web Server.This issue
CVE-2025-39402
CRITICAL CVSS 9.9
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through <= 44.0 (17-08
CVE-2025-39401
CRITICAL CVSS 10.0
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS apartment-management allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through <= 44.0 (17-08
CVE-2025-58996
CRITICAL CVSS 9.1
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in Helmut Wandl Advanced Settings advanced-settings allows Upload a Web Shell to a Web Server.This issue affects Advanced Settings: from n
Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server. This issue affects Academy LMS Pro: from n/a before 3.5.2.
CVE-2024-50493
CRITICAL CVSS 10.0
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in masterhomepage Automatic Translation automatic-translation allows Upload a Web Shell to a Web Server.This issue affects Automatic Trans
An unrestricted upload of file with dangerous type vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to write malicious code in a specific file, which m
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit
CVE-2024-52400
CRITICAL CVSS 9.9
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in Subhasis Laha Gallerio gallerio allows Upload a Web Shell to a Web Server.This issue affects Gallerio: from n/a through <= 1.01.
A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP shell scripts on the server, leading to remote code execution and unauthorized acce
CVE-2024-49324
CRITICAL CVSS 9.8
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in sovratecdev Sovratec Case Management sovratec-case-management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Cas
CVE-2025-30933
CRITICAL CVSS 10.0
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes LogisticsHub logistics-hub allows Upload a Web Shell to a Web Server.This issue affects LogisticsHub: from n/a through <=
CVE-2024-40394
CRITICAL CVSS 9.8
Find Similar
Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an arbitrary file upload vulnerability via the component ajax.php.
CVE-2025-23953
CRITICAL CVSS 10.0
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in Scriptonite user files user-files allows Upload a Web Shell to a Web Server.This issue affects user files: from n/a through <= 2.4.2.
CVE-2025-53251
CRITICAL CVSS 9.9
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP pin-wp allows Upload a Web Shell to a Web Server.This issue affects Pin WP: from n/a through < 7.2.
CVE-2025-32579
CRITICAL CVSS 9.9
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts sync-posts allows Upload a Web Shell to a Web Server.This issue affects Sync Posts: from n/a through <= 1