56 matches found
EUVD-2014-3292
Malware in sbrugna...
EUVD-2015-0601
Malware in sbrugna...
EUVD-2014-3333
Malware in sbrugna...
EUVD-2015-0697
Malware in sbrugna...
EUVD-2016-2453
Malware in sbrugna...
EUVD-2015-0695
Malware in sbrugna...
Viproy CUCDM IP Phone XML Services Speed Dial Attack Tool
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'Viproy CUCDM IP Phone XML Services - Speed Dial Attack Tool', 'Description' = %q The BVSMWeb portal in the web framework...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager Unified CDM could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability...
CVE-2019-15968
Cisco Unified Communications Domain Manager (CUCDM) web-based management interface is affected by a cross-site scripting (XSS) vulnerability caused by insufficient input validation. An authenticated remote attacker could lure a user to click a crafted link, enabling arbitrary script execution in ...
CVE-2019-1911
A vulnerability in the CLI of Cisco Unified Communications Domain Manager Cisco Unified CDM Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerabili...
CVE-2019-1911 Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability
A vulnerability in the CLI of Cisco Unified Communications Domain Manager Cisco Unified CDM Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerabili...
CVE-2019-1911
Cisco Unified Communications Domain Manager (CUCDM) CLI vulnerability (CVE-2019-1911) allows an authenticated, local attacker to escape the restricted shell due to insufficient input validation of shell commands. Affected versions include CUCDM 11.5(3) PB3 and prior releases. Impact is elevated: ...
CVE-2018-0386
A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on an affected system. The vulnerability is due to improper validation of input that is passed to the affected software. An attacker...
Code injection
A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass security protections, gain elevated privileges, and execute arbitrary code. The vulnerability is due to insecure key generation during application configuration. An attacker...
Cisco Unified Communications Domain Manager Remote Code Execution Vulnerability
A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass security protections, gain elevated privileges, and execute arbitrary code. The vulnerability is due to insecure key generation during application configuration. An attacker...
CVE-2016-1314
CVE-2016-1314 concerns Cisco Unified Communications Domain Manager (CDM) 8.1(1). A cross-site scripting (XSS) flaw allows an authenticated remote user to inject arbitrary web script or HTML via a crafted URL due to insufficient input validation. Multiple sources (NVD, CNVD, CVE list, Cisco adviso...
CVE-2016-1354
CVE-2016-1354 affects Cisco Unified Communications Domain Manager (UCDM/UCDM) versions 8.x before 8.1.1. The vulnerability is a cross-site scripting (XSS) flaw in the web framework triggered by crafted markup data, due to insufficient input validation. Multiple sources (NVD, CVE listings, CNVD, C...
CVE-2016-1354
Cross-site scripting XSS vulnerability in Cisco Unified Communications Domain Manager UCDM 8.x before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCud41176...
Cisco Unified Communications Domain Manager Cross-Site Scripting Vulnerability
A vulnerability in the web framework of Cisco Unified Communications Domain Manager UCDM Software could allow an unauthenticated, remote attacker to perform a cross-site scripting XSS attack. The vulnerability is due to insufficient input validation of user-submitted content. An attacker could...
CVE-2015-6422
The self-service application in Cisco Unified Communications Domain Manager CUCDM 10.61 allows remote authenticated users to cause a denial of service subapplication outage via malformed requests, aka Bug ID CSCuu10981...