|
291061
|
- |
|
cisco
|
unified_ip_phones_9900_series_firmware
unified_ip_phone_9951
unified_ip_phone_9971
|
The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334.
|
CWE-20
Improper Input Validation
|
CVE-2013-5533
|
2024-11-21 10:57 |
2013-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291062
|
- |
|
cisco
|
unified_ip_phones_9900_series_firmware
unified_ip_phone_9951
unified_ip_phone_9971
|
Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service (webapp interface outage) via long values in unspecified fields, aka Bug …
|
CWE-20
Improper Input Validation
|
CVE-2013-5532
|
2024-11-21 10:57 |
2013-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291063
|
- |
|
cisco
|
unified_communications_manager
|
Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal …
|
CWE-22
Path Traversal
|
CVE-2013-5528
|
2024-11-21 10:57 |
2013-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291064
|
- |
|
cisco
|
ios
ios_xe
|
The OSPF functionality in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet, aka Bug ID CSCui21030.
|
CWE-20
Improper Input Validation
|
CVE-2013-5527
|
2024-11-21 10:57 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291065
|
- |
|
cisco
|
unified_ip_phone_9951
unified_ip_phone_9971
|
Cisco 9900 fourth-generation IP phones do not properly perform SDP negotiation, which allows remote attackers to cause a denial of service (device reboot) via crafted SDP packets, aka Bug ID CSCuf066…
|
CWE-20
Improper Input Validation
|
CVE-2013-5526
|
2024-11-21 10:57 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291066
|
- |
|
cisco
|
identity_services_engine_software
|
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a…
|
CWE-89
SQL Injection
|
CVE-2013-5525
|
2024-11-21 10:57 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291067
|
- |
|
cisco
|
identity_services_engine_software
|
Cross-site scripting (XSS) vulnerability in the troubleshooting page in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unsp…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5524
|
2024-11-21 10:57 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291068
|
- |
|
cisco
|
identity_services_engine_software
|
The Sponsor Portal in Cisco Identity Services Engine (ISE) 1.2 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attack…
|
CWE-20
Improper Input Validation
|
CVE-2013-5523
|
2024-11-21 10:57 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291069
|
- |
|
cisco
|
ios
|
The remember feature in the DHCP server in Cisco IOS allows remote attackers to cause a denial of service (device reload) by acquiring a lease and then sending a DHCPRELEASE message, aka Bug ID CSCuh…
|
NVD-CWE-noinfo
|
CVE-2013-5499
|
2024-11-21 10:57 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291070
|
- |
|
joomla
|
joomla\!
|
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended …
|
CWE-20
Improper Input Validation
|
CVE-2013-5576
|
2024-11-21 10:57 |
2013-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
