|
309871
|
4.4 |
MEDIUM
Local
|
-
|
-
|
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.
These…
|
CWE-59
Link Following
|
CVE-2023-20004
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309872
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against …
|
CWE-79
Cross-site Scripting
|
CVE-2022-20948
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309873
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system.
This vul…
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2022-20939
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309874
|
6.1 |
MEDIUM
Network
|
-
|
-
|
IBM Concert Software 1.0.0 through 1.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-41785
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309875
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in code-projects Online Shop Store 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument m2 with the inp…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2024-11243
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309876
|
- |
|
-
|
-
|
A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ad_list.php?action=pass of the component Keyword Filter…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11242
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309877
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the soft…
|
CWE-527
Exposure of Version-Control Repository to an Unauthorized Control Sphere
|
CVE-2022-20931
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309878
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote …
|
CWE-78
OS Command
|
CVE-2022-20871
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309879
|
7.4 |
HIGH
Network
|
-
|
-
|
A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack o…
|
CWE-352
Origin Validation Error
|
CVE-2022-20853
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309880
|
6.1 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to contin…
|
CWE-391
Unchecked Error Condition
|
CVE-2022-20849
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
