|
291991
|
- |
|
phpmyfaq
|
phpmyfaq
|
Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings.
|
CWE-352
Origin Validation Error
|
CVE-2014-0813
|
2024-11-21 11:02 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291992
|
- |
|
ibm
|
connections_portlets
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Connections Portlets 4.x before 4.5.1 FP1 for IBM WebSphere Portal 7.0.0.2 and 8.0.0.1 allow remote attackers to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0855
|
2024-11-21 11:02 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291993
|
- |
|
cisco
|
unified_communications_manager
|
SQL injection vulnerability in the Enterprise Mobility Application (EMApp) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a craf…
|
CWE-89
SQL Injection
|
CVE-2014-0729
|
2024-11-21 11:02 |
2014-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291994
|
- |
|
cisco
|
unified_communications_manager
|
SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted UR…
|
CWE-89
SQL Injection
|
CVE-2014-0728
|
2024-11-21 11:02 |
2014-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291995
|
- |
|
cisco
|
unified_communications_manager
|
SQL injection vulnerability in the CallManager Interactive Voice Response (CMIVR) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via…
|
CWE-89
SQL Injection
|
CVE-2014-0727
|
2024-11-21 11:02 |
2014-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291996
|
- |
|
cisco
|
unified_communications_manager
|
SQL injection vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands vi…
|
CWE-89
SQL Injection
|
CVE-2014-0726
|
2024-11-21 11:02 |
2014-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291997
|
- |
|
cisco
|
unified_communications_manager
|
Cisco Unified Communications Manager (UCM) does not require authentication for reading WAR files, which allows remote attackers to obtain sensitive information via unspecified access to a "file stora…
|
CWE-287
Improper Authentication
|
CVE-2014-0725
|
2024-11-21 11:02 |
2014-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291998
|
- |
|
cisco
|
unified_communications_manager
|
The bulk administration interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to bypass authentication and read arbitrary files by using an unspecified p…
|
CWE-20
Improper Input Validation
|
CVE-2014-0724
|
2024-11-21 11:02 |
2014-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291999
|
- |
|
cisco
|
unified_communications_manager
|
Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2014-0723
|
2024-11-21 11:02 |
2014-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292000
|
- |
|
cisco
|
unified_communications_manager
|
The log4jinit web application in Cisco Unified Communications Manager (UCM) does not properly validate authentication, which allows remote attackers to cause a denial of service (performance degradat…
|
CWE-287
Improper Authentication
|
CVE-2014-0722
|
2024-11-21 11:02 |
2014-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
