5900 matches found

Fedora
added 2015/08/27 6:33 p.m., 37 views

[SECURITY] Fedora 22 Update: php-guzzle-Guzzle-3.9.3-5.fc22

Guzzle takes the pain out of sending HTTP requests and the redundancy out of creating web service clients. Guzzle is a framework that includes the tools needed to create a robust web service client, including: Service descriptions for defining the inputs and outputs of an API, resource iterators...

CVSS: 6.8 | AI score: 8.7 | EPSS: 0.39093
Exploits: 7
Fedora
added 2015/08/22 5:43 p.m., 24 views

[SECURITY] Fedora 23 Update: php-guzzle-Guzzle-3.9.3-5.fc23

Guzzle takes the pain out of sending HTTP requests and the redundancy out of creating web service clients. Guzzle is a framework that includes the tools needed to create a robust web service client, including: Service descriptions for defining the inputs and outputs of an API, resource iterators...

CVSS: 6.8 | AI score: 8.7 | EPSS: 0.39093
Exploits: 7
Packet Storm
added 2015/08/22 12:00 a.m., 35 views

up.time 7.5.0 Cross Site Request Forgery / Cross Site Scripting

up.time 7.5.0 XSS And CSRF Add Admin Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: The application allows users to perform certain actions via HTTP...

AI score: 0.3
Exploits: 0
Prion
added 2015/08/20 10:59 a.m., 14 views

Input validation

The administrator web interface in Cisco TelePresence Video Communication Server VCS X8.5.2 allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, aka Bug ID CSCuv11796...

CVSS: 6.5 | AI score: 7.7 | EPSS: 0.00462
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2015/08/20 10:00 a.m., 21 views

CVE-2015-4329

The administrator web interface in Cisco TelePresence Video Communication Server VCS X8.5.2 allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, aka Bug ID CSCuv11796...

AI score: 7.2 | EPSS: 0.00462
Exploits: 0 | References: 3
CVE
added 2015/08/20 10:00 a.m., 59 views

CVE-2015-4329

The Cisco TelePresence Video Communication Server (Expressway) admin web interface (VCS X8.5.2) is affected by CVE-2015-4329 due to insufficient input validation. An authenticated, remote attacker can craft HTTP requests to execute arbitrary OS commands on the underlying device, with potential pr...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.00462
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2015/08/20 12:59 a.m., 25 views

CVE-2015-4328

Cisco TelePresence Video Communication Server VCS Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read or write operations on the Unified...

CVSS: 4 | AI score: 7.2 | EPSS: 0.00243
Exploits: 0 | References: 3
0day.today
added 2015/08/20 12:00 a.m., 27 views

up.time 7.5.0 XSS And CSRF Add Admin Exploit

Exploit for php platform in category web applications up.time 7.5.0 XSS And CSRF Add Admin Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: The application...

AI score: 7.1
Exploits: 0
Cvelist
added 2015/08/20 12:00 a.m., 23 views

CVE-2015-4328

Cisco TelePresence Video Communication Server VCS Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read or write operations on the Unified...

AI score: 7.2 | EPSS: 0.00243
Exploits: 0 | References: 3
CNVD
added 2015/08/20 12:00 a.m., 1 view

Cisco TelePresence Video Communication Server Expressway Arbitrary Command Execution Vulnerability

Cisco TelePresence Video Communication Server VCS Expressway is a TelePresence video communication server from Cisco that integrates with Unified Communications and voice communication environments to provide the best possible experience for end users using a variety of communication tools. A...

CVSS: 4 | AI score: 7.4 | EPSS: 0.00243
Exploits: 0 | References: 1
Exploit DB
added 2015/08/19 12:00 a.m., 38 views

up.time 7.5.0 - Cross-Site Scripting / Cross-Site Request Forgery (Add Admin)

up.time 7.5.0 XSS And CSRF Add Admin Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: The application allows users to perform certain actions via HTTP...

AI score: 7.4
Exploits: 0
exploitpack
added 2015/08/19 12:00 a.m., 26 views

up.time 7.5.0 - Cross-Site Scripting Cross-Site Request Forgery (Add Admin)

up.time 7.5.0 - Cross-Site Scripting Cross-Site Request Forgery Add Admin up.time 7.5.0 XSS And CSRF Add Admin Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software...

AI score: 0.8
Exploits: 0
Zero Science Lab
added 2015/08/19 12:00 a.m., 37 views

up.time 7.5.0 XSS And CSRF Add Admin Exploit

Summary The next-generation of IT monitoring software. Description The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-i...

AI score: 6
Exploits: 0
Cisco
added 2015/08/18 5:19 p.m., 24 views

Cisco TelePresence Video Communication Server Expressway Command Execution Vulnerability

A vulnerability in the web framework of the Cisco TelePresence Video Communication Server VCS Expressway could allow an authenticated, remote attacker to execute commands on the underlying operating system. The vulnerability is due to improper authorization of read-only users. An attacker could...

CVSS: 4 | AI score: 6.9 | EPSS: 0.00243
Exploits: 0 | References: 1
Amazon
added 2015/08/17 12:00 a.m., 106 views

Medium: httpd

Issue Overview: Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly...

CVSS: 5 | AI score: 6.9 | EPSS: 0.24118
Exploits: 0
Check Point Advisories
added 2015/07/20 12:00 a.m., 4 views

WebUI mainfile.php Arbitrary Command Injection

An arbitrary command injection vulnerability exists in WebUI. The vulnerability is due to insufficient validation of multiple parameters in "mainfile.php" when handling HTTP requests. A remote, authenticated attacker can exploit this vulnerability by sending maliciously crafted input to the...

AI score: 2.8
Exploits: 0
NVD
added 2015/07/16 7:59 p.m., 14 views

CVE-2015-5386

Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication and obtain administrative access via unspecified HTTP requests...

CVSS: 9.3 | AI score: 7.2 | EPSS: 0.00725
Exploits: 0 | References: 2
Prion
added 2015/07/16 7:59 p.m., 8 views

Authentication flaw

Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication and obtain administrative access via unspecified HTTP requests...

CVSS: 9.3 | AI score: 7.7 | EPSS: 0.00725
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2015/07/16 7:00 p.m., 20 views

CVE-2015-5386

Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication and obtain administrative access via unspecified HTTP requests...

AI score: 7.2 | EPSS: 0.00725
Exploits: 0 | References: 2
exploitpack
added 2015/07/13 12:00 a.m., 11 views

ArticleFR 3.0.6 - Multiple Vulnerabilities

ArticleFR 3.0.6 - Multiple Vulnerabilities ArticleFR 3.0.6 CSRF Add Admin Exploit Vendor: Free Reprintables Product web page: http://www.freereprintables.com Affected version: 3.0.6 Summary: A lightweight fully featured content article / video management system. Comes with a pluginable and...

AI score: 0.1
Exploits: 0