|
290731
|
- |
|
cisco
|
webex_meetings_server
|
The web framework in Cisco WebEx Meetings Server does not properly restrict the content of query strings, which allows remote attackers to obtain sensitive information by reading (1) web-server acces…
|
CWE-200
Information Exposure
|
CVE-2014-3303
|
2024-11-21 11:07 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290732
|
- |
|
silver-peak
|
vx
|
Cross-site scripting (XSS) vulnerability in php/user_account.php in Silver Peak VX before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via the user_id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2975
|
2024-11-21 11:07 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290733
|
- |
|
silver-peak
|
vx
|
Cross-site request forgery (CSRF) vulnerability in php/user_account.php in Silver Peak VX through 6.2.4 allows remote attackers to hijack the authentication of administrators for requests that create…
|
CWE-352
Origin Validation Error
|
CVE-2014-2974
|
2024-11-21 11:07 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290734
|
- |
|
caucho
|
resin
|
The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demo…
|
CWE-264
CWE-20
Permissions, Privileges, and Access Controls
Improper Input Validation
|
CVE-2014-2966
|
2024-11-21 11:07 |
2014-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290735
|
- |
|
cisco
|
unified_presence_server
|
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-3328
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290736
|
- |
|
cisco
|
security_manager
|
SQL injection vulnerability in the web framework in Cisco Security Manager 4.5 and 4.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCup269…
|
CWE-89
SQL Injection
|
CVE-2014-3326
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290737
|
- |
|
cisco
|
telepresence_server_software
|
Multiple cross-site scripting (XSS) vulnerabilities in the login page in the administrative web interface in Cisco TelePresence Server Software 4.0(2.8) allow remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3324
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290738
|
- |
|
cisco
|
webex_meetings_server
|
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of unspecified victims…
|
CWE-352
Origin Validation Error
|
CVE-2014-3305
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290739
|
- |
|
cisco
|
webex_meetings_server
|
The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned messages, aka Bu…
|
CWE-200
Information Exposure
|
CVE-2014-3301
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290740
|
- |
|
ibm
|
infosphere_information_server
|
Cross-site scripting (XSS) vulnerability in the Data Quality Console in IBM InfoSphere Information Server 11.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL for add…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3071
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
