23 matches found
EUVD-2015-4285
Malware in sbrugna...
EUVD-2013-1209
Malware in sbrugna...
EUVD-2015-0776
Malware in sbrugna...
EUVD-2013-3354
Malware in sbrugna...
CVE-2013-1168
The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote attackers to hijack sessions by leveraging knowledge of a sessio...
CVE-2013-3419
Cross-site scripting XSS vulnerability in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuh74981...
CVE-2013-1169
Cisco Unified MeetingPlace Web Conferencing Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 2, and 8.5 before 8.5MR3 Patch 1, when the Remember Me option is used, does not properly verify cookies, which allows remote attackers to impersonate users via a crafted login request, aka Bug ID...
Cisco Unified MeetingPlace Web Conferencing Trust Management Vulnerability
Cisco Unified MeetingPlace Web Conferencing is a Cisco Unified MeetingPlace multimedia conferencing solution in the United States Cisco Cisco company's core components. A security vulnerability in the password change feature in Cisco Unified MeetingPlace Web Conferencing versions 8.55 MR3 prior t...
Sql injection
SQL injection vulnerability in Cisco Unified MeetingPlace 8.61.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu54037...
Cisco Unified MeetingPlace SQL Injection Vulnerability (CNVD-2015-04162)
Cisco Unified MeetingPlace conferencing solutions allow organizations to host integrated voice, video, and web conferences. A SQL injection vulnerability exists in Cisco Unified MeetingPlace due to the program failing to properly validate user input within a sql query. An authenticated, remote...
CVE-2015-0758
The web-based user interface in Cisco Unified MeetingPlace 8.61.9 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, aka Bug ID CSCus97452...
Multiple Cross-Site Request Forgery Vulnerabilities in Cisco Unified MeetingPlace Server
Cisco Unified MeetingPlace conferencing solutions allow organizations to host integrated voice, video, and web conferences. Multiple cross-site request forgery vulnerabilities exist in the API functionality in Cisco Unified MeetingPlace version 8.6 1.9, which can be exploited by a remote attacker...
Cisco Unified MeetingPlace Web Services Directory Cross-Site Request Forgery Vulnerability
Cisco Unified MeetingPlace conferencing solutions allow organizations to host integrated voice, video, and web conferences. A cross-site request forgery vulnerability exists in the SOAP API endpoint of the web-services directory in Cisco Unified MeetingPlace version 8.6 1.9, which can be exploite...
Cross site scripting
Cross-site scripting XSS vulnerability in the web framework in the Application Server in Cisco Unified MeetingPlace allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui44681...
CVE-2013-3419
Cross-site scripting XSS vulnerability in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuh74981...
CVE-2013-1169
Cisco Unified MeetingPlace Web Conferencing Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 2, and 8.5 before 8.5MR3 Patch 1, when the Remember Me option is used, does not properly verify cookies, which allows remote attackers to impersonate users via a crafted login request, aka Bug ID...
CVE-2013-1168
The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote attackers to hijack sessions by leveraging knowledge of a sessio...
CVE-2010-0141
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935...
CVE-2010-0142
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530...
CVE-2010-0140
Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.02.3 hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create 1 user or 2 administrator accounts via a crafted URL in a request to the internal interface, aka Bug IDs CSCtc59231 a...