Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment
Census CSWeb 8.0.1 allows arbitrary file upload. A remote, authenticated attacker could upload a malicious file, possibly leading to remote code execution. Fixed in 8.1.0 alpha.
A path traversal vulnerability exists in the Projects Service download endpoint shared by Altium Enterprise Server and Altium 365. An authenticated user can supply a crafted path parameter that bypass
MarkUs, a web application for the submission and grading of student assignments, is vulnerable to path traversal in versions prior to 2.4.8. Authenticated instructors may download any file on the web
Improper access checks in M-Files Server before 25.12.15491.7 allows users to download files through M-Files Web using Web Companion despite Print and Download Prevention module being enabled.
A vulnerability was found in kalcaddle kodbox 1.61. Affected by this vulnerability is an unknown functionality of the file /?explorer/upload/serverDownload of the component Download from Link Handler.
The WP Job Portal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.4.0 via the 'downloadCustomUploadedFile' function. This makes it possible for authen
A vulnerability was identified in kalcaddle kodbox 1.64. The affected element is the function PathDriverUrl of the file /workspace/source-code/app/controller/explorer/editor.class.php of the component
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file s
CVE-2019-25727
CRITICAL CVSS 9.3
Find Similar
WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the path parameter. Attackers
CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request.
A CWE-35 "Path Traversal" in maxtime/api/sql/sql.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive files via crafted HTTP requests.
Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce <= 3.2.1 versions.
A path traversal issue in the API endpoint in M-Files Server before version 25.6.14925.0 allows an authenticated user to read files in the server.
WWBN AVideo is an open source video platform. In versions up to and including 26.0, an unauthenticated API endpoint (`APIName=locale`) concatenates user input into an `include` path with no canonicali
CVE-2025-5993
CRITICAL CVSS 9.2
Find Similar
ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal. Unauthenticated remote attacker is able to exploit vulnerable parameter fileName and construct payloads that allow to
CodiMD allows realtime collaborative markdown notes on all platforms. CodiMD before 2.5.4 is missing authentication and access control vulnerability allowing an unauthenticated attacker to gain unauth
CVE-2024-45076
CRITICAL CVSS 9.9
Find Similar
IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system.
The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator c