Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The affected product is vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute code.
An unauthenticated unrestricted file upload vulnerability allows an attacker to upload malicious binaries and scripts to the server.
CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could render the device inoperable when a malicious file is downloaded.
An attacker could exploit this vulnerability by uploading arbitrary files via the a specific endpoint, leading to unauthorized remote code execution or system compromise.
An attacker could exploit this vulnerability by uploading arbitrary files via a specific service, which could lead to system compromise.
CVE-2024-11984
CRITICAL CVSS 9.4
Find Similar
A unrestricted upload of file with dangerous type vulnerability in epaper draft function in Corporate Training Management System before 10.13 allows remote authenticated users to bypass file upload re
An arbitrary file upload vulnerability was reported in the Lenovo Scanner Pro client during an internal security assessment that could allow remote code execution or unauthorized control of the affect
A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add_members.php. This vulnerability affects the file upload functionality, where improper file saniti
CVE-2024-46088
CRITICAL CVSS 9.8
Find Similar
An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary
Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2, WRC-1167GST2, WRC-2533GST2, WRC-2533GS2V-B,WRC-2533GS2-B v1.69 and earlier, WRC-2533GS2-W, WRC-1167GST2, WRC-1167GS2-B, an
CVE-2024-52320
CRITICAL CVSS 9.3
Find Similar
The affected product is vulnerable to a command injection. An unauthenticated attacker could send commands through a malicious HTTP request which could result in remote code execution.
There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged) to upload an jsp shell and execute code with the privileges of user running the web s
A CWE-434 "Unrestricted Upload of File with Dangerous Type" in the template file uploads in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to upload malici
CVE-2024-41577
CRITICAL CVSS 9.8
Find Similar
An arbitrary file upload vulnerability in the Ueditor component of productinfoquick v1.0 allows attackers to execute arbitrary code via uploading a crafted PNG file.
CVE-2025-57794
CRITICAL CVSS 9.1
Find Similar
Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload vulnerability in the administrative interface. The application does not adequately restrict uploaded file typ
CVE-2023-26686
CRITICAL CVSS 9.8
Find Similar
File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the image upload feature when customizing a shop.
SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication.
Unrestricted Upload of File with Dangerous Type vulnerability allows Remote Code Execution via file upload. This issue affects Pandora FMS: from 777 through 800
Page 1+ Next →