7 matches found
EUVD-2014-3386
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCup92550...
CVE-2014-3373
Multiple cross-site scripting XSS vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCup92550...
CVE-2014-3373
Cisco Unified Communications Manager (CUCM) Server’s CCM Dialed Number Analyzer interface is affected by multiple XSS vulnerabilities due to insufficient input validation of HTTP GET/POST parameters. Exploitation could allow remote attackers to inject arbitrary web script or HTML. The issue, trac...
Cisco Unified Communications Manager DNA Arbitrary File Upload Vulnerability
A vulnerability in the Multiple Analyzer of the Cisco Unified Communications Manager Dialed Number Analyzer DNA could allow an authenticated, remote attacker to upload arbitrary files to a restricted location on the filesystem. The vulnerability is due to insufficient parameter validation. An...
CVE-2014-3316
The Multiple Analyzer in the Dialed Number Analyzer DNA component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297...
Design/Logic Flaw
The Multiple Analyzer in the Dialed Number Analyzer DNA component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297...