CVE-2014-0728
Cisco Unified Communications Manager (UCM) Java database interface is affected by a SQL injection vulnerability in versions 10.0(1) and earlier. Root cause: failure to validate user-supplied input used to construct SQL queries, allowing remote attackers to execute arbitrary SQL via crafted URLs (...