CVE-2014-2180
The Cisco advisory for CVE-2014-2180 describes a vulnerability in the Document Management component of Cisco Unified Contact Center Express where insufficient parameter validation allows an authenticated, remote attacker to upload files to arbitrary filesystem locations via a crafted HTTP request...