Sql injection

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...

Authentication flaw

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...

Directory traversal

Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...

CVE-2019-15978 Cisco Data Center Network Manager Command Injection Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...

CVE-2019-15978 Cisco Data Center Network Manager Command Injection Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...

CVE-2019-15979 Cisco Data Center Network Manager Command Injection Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...

CVE-2019-15979 Cisco Data Center Network Manager Command Injection Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system OS. For more information about...

CVE-2019-15980 Cisco Data Center Network Manager Path Traversal Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...

CVE-2019-15980 Cisco Data Center Network Manager Path Traversal Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...

CVE-2019-15981 Cisco Data Center Network Manager Path Traversal Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...

CVE-2019-15981 Cisco Data Center Network Manager Path Traversal Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...

CVE-2019-15982 Cisco Data Center Network Manager Path Traversal Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...

CVE-2019-15982 Cisco Data Center Network Manager Path Traversal Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints and the Application Framework feature of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an attacker wou...

CVE-2019-15984 Cisco Data Center Network Manager SQL Injection Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...

CVE-2019-15985

CVE-2019-15985 corresponds to multiple SQL injection vulnerabilities in Cisco Data Center Network Manager (DCNM) REST and SOAP APIs. Affected versions are DCNM prior to 11.3(1). An authenticated, remote attacker with administrative privileges can exploit insufficient input validation to execute a...

CVE-2019-15985 Cisco Data Center Network Manager SQL Injection Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...

CVE-2019-15985 Cisco Data Center Network Manager SQL Injection Vulnerabilities

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...

Fedora 31 : wordpress (2019-e16ba9e54e)

WordPress 5.3.2 Maintenance Release Shortly after WordPress 5.3.1 was released, a couple of high severity Trac tickets were opened. The Core team scheduled this quick maintenance release to resolve these issues. Main issues addressed in 5.3.2 : - Date/Time: Ensure that getfeedbuilddate correctly...

Fedora 30 : wordpress (2019-da7b49a4b1)

WordPress 5.3.2 Maintenance Release Shortly after WordPress 5.3.1 was released, a couple of high severity Trac tickets were opened. The Core team scheduled this quick maintenance release to resolve these issues. Main issues addressed in 5.3.2 : - Date/Time: Ensure that getfeedbuilddate correctly...

U.S. Dept Of Defense: Bypassing CORS Misconfiguration Leads to Sensitive Exposure

Hi! Security Team @deptofdefense, It's possible to get information about the users registered such as: id, name, login name, etc. without authentication in Wordpress via API on . ███████. Description: By default Wordpress allow public access to Rest API to get informations about all users...