Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2024-11984
CRITICAL CVSS 9.4
Find Similar
A unrestricted upload of file with dangerous type vulnerability in epaper draft function in Corporate Training Management System before 10.13 allows remote authenticated users to bypass file upload re
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to upload arbitrary files to an affected device
An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attackers with Administrator privileges to execute arbitrary co
CVE-2023-43958
CRITICAL CVSS 9.8
Find Similar
An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php of Hospital Management System v4.0 allows an unauthenticated attacker to upload any file to the server
CVE-2025-69828
CRITICAL CVSS 10.0
Find Similar
File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit
CVE-2025-40599
CRITICAL CVSS 9.1
Find Similar
An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary f
File Upload vulnerability in Prison Management System v.1.0 allows a remote attacker to execute arbitrary code via the file upload component.
CVE-2024-46376
CRITICAL CVSS 9.8
Find Similar
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the update_account() function of the file rental/admin_class.php.
CVE-2024-46088
CRITICAL CVSS 9.8
Find Similar
An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary
A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this vulnerability is an unknown functionality of the file /assets/upl
A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /_hr_soft/assets/uploadImage/Profile/ of the compo
CVE-2025-54762
CRITICAL CVSS 9.3
Find Similar
SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges.
CVE-2025-53970
CRITICAL CVSS 9.3
Find Similar
SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges.
CVE-2024-51360
CRITICAL CVSS 9.8
Find Similar
An issue in Hospital Management System In PHP V4.0 allows a remote attacker to execute arbitrary code via the hms/doctor/edit-profile.php file
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privi
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific file management functions. This
Page 1+ Next →