Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Unsafe default file type filter policy in HCL Leap allows execution of unsafe JavaScript in deployed applications.
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications.
Unsafe default file type filter policy in HCL Domino Volt allows upload of .html file and execution of unsafe JavaScript in deployed applications
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget.
Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications.
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget.
Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications.
CVE-2010-20049
CRITICAL CVSS 9.3
Find Similar
LeapFTP < 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application
Improper access control of endpoint in HCL Leap allows certain admin users to import applications from the server's filesystem.
CVE-2024-43160
CRITICAL CVSS 10.0
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in BerqWP allows Code Injection.This issue affects BerqWP: from n/a through 1.7.6.
CVE-2025-49447
CRITICAL CVSS 10.0
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Food Menu allows Using Malicious Files. This issue affects FW Food Menu : from n/a through 6.0.0.
CVE-2024-53822
CRITICAL CVSS 10.0
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium.This issue affects Pie Register Premium: from n/a before 3.8.3.3.
CVE-2024-52398
CRITICAL CVSS 9.1
Find Similar
Unrestricted Upload of File with Dangerous Type vulnerability in Halyra CDI collect-and-deliver-interface-for-woocommerce.This issue affects CDI: from n/a through <= 5.5.3.
Page 1+ Next →