CVE-2014-0727
Cisco Unified Communications Manager (UCM) CMIVR interface is affected by a SQL injection vulnerability (CVE-2014-0727) that can be exploited remotely by unauthenticated attackers via crafted URLs to execute arbitrary SQL commands. The root cause is insufficient input validation in SQL queries wi...