5 matches found
Directory traversal
Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer DNA component in Cisco Unified Communications Manager 10.01 allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314...
CVE-2014-3317
CVE-2014-3317 describes a directory traversal vulnerability in the Cisco Unified Communications Manager, specifically in the Dialed Number Analyzer’s (DNA) Multiple Analyzer component. The root cause is insufficient input validation, enabling an authenticated, remote attacker to delete arbitrary ...
CVE-2014-3315
Cross-site scripting XSS vulnerability in viewfilecontents.do in the Dialed Number Analyzer DNA component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308...
CVE-2014-3315
Cross-site scripting XSS vulnerability in viewfilecontents.do in the Dialed Number Analyzer DNA component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308...
CVE-2014-3316
The Multiple Analyzer in the Dialed Number Analyzer DNA component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297...