8 matches found
Cisco Unified Operations Manager 8.5 - iptmfaultmonuidojoMaineventmon_wrapper.jsp Multiple Cross-Site Scripting Vulnerabilities
Cisco Unified Operations Manager 8.5 - iptmfaultmonuidojoMaineventmonwrapper.jsp Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/47901/info Cisco Unified Operations Manager is prone to multiple cross-site scripting vulnerabilities because it fails to proper...
CVE-2011-0959
Multiple cross-site scripting XSS vulnerabilities in Cisco Unified Operations Manager CUOM before 8.6 allow remote attackers to inject arbitrary web script or HTML via 1 the extn parameter to iptm/advancedfind.do, 2 the deviceInstanceName parameter to iptm/ddv.do, the 3 cmd or 4 group parameter t...
CVE-2011-0960
Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager CUOM before 8.6 allow remote attackers to execute arbitrary SQL commands via 1 the CCMs parameter to iptm/PRTestCreation.do or 2 the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Cisco Unified Operations Manager CUOM before 8.6 allow remote attackers to inject arbitrary web script or HTML via 1 the extn parameter to iptm/advancedfind.do, 2 the deviceInstanceName parameter to iptm/ddv.do, the 3 cmd or 4 group parameter t...
Sql injection
Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager CUOM before 8.6 allow remote attackers to execute arbitrary SQL commands via 1 the CCMs parameter to iptm/PRTestCreation.do or 2 the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716...
CVE-2011-0960
Cisco Unified Operations Manager (CuOM) before 8.6 is affected by multiple vulnerabilities including blind SQL injection in two endpoints: PRTestCreation.do ( CCMs parameter ) and TelePresenceReportAction.do ( ccm parameter ). Exploitation could allow remote attackers to execute arbitrary SQL com...
CVE-2011-0960
Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager CUOM before 8.6 allow remote attackers to execute arbitrary SQL commands via 1 the CCMs parameter to iptm/PRTestCreation.do or 2 the ccm parameter to iptm/TelePresenceReportAction.do, aka Bug ID CSCtn61716...
CVE-2011-0959
Multiple cross-site scripting XSS vulnerabilities in Cisco Unified Operations Manager CUOM before 8.6 allow remote attackers to inject arbitrary web script or HTML via 1 the extn parameter to iptm/advancedfind.do, 2 the deviceInstanceName parameter to iptm/ddv.do, the 3 cmd or 4 group parameter t...