|
271701
|
- |
|
cisco
|
prime_service_catalog
|
SQL injection vulnerability in the web framework in Cisco Prime Service Catalog 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuw50843.
|
CWE-89
SQL Injection
|
CVE-2015-6350
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271702
|
- |
|
cisco
|
secure_access_control_server
|
Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6349
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271703
|
- |
|
cisco
|
secure_access_control_server
|
The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read repor…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6348
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271704
|
- |
|
cisco
|
secure_access_control_server
|
The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an uns…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6347
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271705
|
- |
|
cisco
|
secure_access_control_server
|
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6346
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271706
|
- |
|
cisco
|
secure_access_control_server
|
SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug…
|
CWE-89
SQL Injection
|
CVE-2015-6345
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271707
|
- |
|
cisco
|
asa_cx_context-aware_security_software
|
The web-based GUI in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security 9.3(4.1.11) allows remote authenticated users to bypass intended access restrictions and obtain sensitive user i…
|
CWE-200
Information Exposure
|
CVE-2015-6344
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271708
|
- |
|
owncloud
|
owncloud
|
ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by read…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2015-5955
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271709
|
- |
|
medicomp
|
medcin_engine
|
The AddUserFinding implementation in Medicomp MEDCIN Engine 2.22.20153.x before 2.22.20153.226 might allow remote attackers to execute arbitrary code or cause a denial of service (integer truncation …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6006
|
2024-11-21 11:34 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271710
|
- |
|
epson
|
network_utility
|
EPSON Network Utility 4.10 uses weak permissions (Everyone: Full Control) for eEBSVC.exe, which allows local users to gain privileges via a Trojan horse file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6034
|
2024-11-21 11:34 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
