1571 matches found
CVE-2007-2035
Cisco Wireless Control System WCS before 4.0.66.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain network organization data via a direct request for files in certain directories, aka Bug ID CSCsg04301...
CVE-2007-2033
Summary (CVE-2007-2033) : Cisco Wireless Control System (WCS) is affected by an unspecified vulnerability in versions before 4.0.81.0. The issue allows remote authenticated users to read any configuration page by changing the group membership of user accounts (Bug ID CSCse78596). The NVD entry li...
CVE-2007-2034
Unspecified vulnerability in Cisco Wireless Control System WCS before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190...
Cisco Wireless Control System multiple security vulnerabilities
Hardcoded unchangable FTP server account, privilege escalation thorugh group membership, information leaks...
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Wireless Control System Advisory ID: cisco-sa-20070412-wcs http://www.cisco.com/warp/public/707/cisco-sa-20070412-wcs.shtml Revision 1.0 For Public Release 2007 April 12 1600 UTC GMT -...
Cisco Wireless Control System Privilege Escalation Vulnerability
Cisco Wireless Control System WCS versions prior to 4.0.87.0 contains a vulnerability that could allow an authenticated, remote attacker to gain escalated privileges on the affected system. This vulnerability exists due to insufficient access controls on the Cisco WCS configuration page used to...
Multiple Vulnerabilities in the Cisco Wireless Control System
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in 1 PreSearch.html and 2 PreSearch.class in Cisco Secure Access Control Server ACS, VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage...
CVE-2006-3286
The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.263 stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database aka bug CSCsd15951...
CVE-2006-3287
Cisco Wireless Control System WCS for Linux and Windows 4.01 and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access aka bug CSCse21391...
CVE-2006-3290
HTTP server in Cisco Wireless Control System WCS for Linux and Windows before 3.251 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request...
CVE-2006-3286
The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.263 stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database aka bug CSCsd15951...
CVE-2006-3287
Cisco Wireless Control System WCS for Linux and Windows 4.01 and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access aka bug CSCse21391...
CVE-2006-3286
The CVE-2006-3286 entry concerns Cisco Wireless Control System (WCS) for Linux and Windows prior to 3.2(63). The vulnerability arises from a hard-coded username and password stored in plaintext in unspecified files within the WCS database, enabling remote authenticated users to access the databas...
CVE-2006-3289
CVE-2006-3289 denotes a cross-site scripting (XSS) vulnerability in the login page of Cisco Wireless Control System (WCS) HTTP interface for Linux and Windows, affected in versions prior to 3.2(51). The issue allows remote attackers to inject arbitrary web script or HTML via vectors involving a m...
CVE-2006-3289
Cross-site scripting XSS vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System WCS for Linux and Windows before 3.251 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL"...
CVE-2006-3285
The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.251 uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration data aka bugs CSCsd15955...
Multiple Vulnerabilities in Wireless Control System
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Wireless Control System
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Wireless Control System Advisory ID: cisco-sa-20060628-wcs http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml Revision 1.0 For Public Release 2006 June 28 1600 UTC GMT -...
Virtual Hosting Control System 2.4.7.1 - Server_day_stats.php Multiple Cross-Site Scripting Vulnerabilities
Virtual Hosting Control System 2.4.7.1 - Serverdaystats.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17790/info Virtual Hosting Control System is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitiz...