| CVE-2016-6435 |
medium |
6.5 |
7.5 |
EXP |
|
cisco |
10y ago |
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376. |
| CVE-2016-1415 |
medium |
5.5 |
6.5 |
EXP |
|
cisco |
10y ago |
Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted file, aka Bug ID CSCuz80455. |
| CVE-2014-8008 |
medium |
— |
7.8 |
EXP |
|
cisco |
12y ago |
Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full p… |
| CVE-2013-5528 |
medium |
— |
5.0 |
EXP |
|
cisco |
13y ago |
Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal … |
| CVE-2013-1114 |
medium |
— |
5.3 |
EXP |
|
cisco |
14y ago |
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity Express before 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527. |
| CVE-2013-1120 |
medium |
— |
7.8 |
EXP |
|
cisco |
14y ago |
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown v… |
| CVE-2011-2544 |
low |
— |
4.5 |
EXP |
|
cisco |
15y ago |
Cross-site scripting (XSS) vulnerability in the web interface in Cisco TelePresence System MXP Series F9.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a c… |
| CVE-2011-0966 |
medium |
— |
7.8 |
EXP |
|
cisco |
15y ago |
Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (… |
| CVE-2011-0962 |
medium |
— |
5.3 |
EXP |
|
cisco |
15y ago |
Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote … |
| CVE-2011-0961 |
medium |
— |
5.3 |
EXP |
|
cisco |
15y ago |
Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to inject arbitrary web script or HTM… |
| CVE-2011-0959 |
medium |
— |
5.3 |
EXP |
|
cisco |
15y ago |
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to i… |
| CVE-2011-0951 |
medium |
— |
6.0 |
EXP |
|
cisco |
15y ago |
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 before 5.1.0.44.6 and 5.2 before 5.2.0.26.3 allows remote attackers to change arbitrary user passwords via unspecifi… |
| CVE-2010-3039 |
medium |
— |
7.8 |
EXP |
|
cisco |
16y ago |
/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via … |
| CVE-2010-1174 |
medium |
— |
6.0 |
EXP |
|
cisco |
16y ago |
Cisco TFTP Server 1.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted (1) read (aka RRQ) or (2) write (aka WRQ) request, or other TFTP packet. NOTE: some of these d… |
| CVE-2010-0642 |
medium |
— |
6.0 |
EXP |
|
cisco |
17y ago |
Cisco Collaboration Server (CCS) 5 allows remote attackers to read the source code of JHTML files via URL encoded characters in the filename extension, as demonstrated by (1) changing .jhtml to %2Ejh… |
| CVE-2010-0641 |
medium |
— |
5.3 |
EXP |
|
cisco |
17y ago |
Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server (CCS) 5 allows remote attackers to inject arbitrary web script or HTML via the dest pa… |
| CVE-2010-0440 |
medium |
— |
5.3 |
EXP |
|
cisco |
17y ago |
Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); al… |
