CVE-2015-6433
CVE-2015-6433 describes an SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225). An authenticated remote user can exploit a crafted URL to execute arbitrary SQL commands on the backend. The issue stems from improper validation of user-supplied input in SQL queries...