Lucene search
K

37 matches found

Cisco
Cisco
added 2015/08/13 9:34 p.m.26 views

Cisco Unified Interaction Manager Web Interface Authorization Bypass Vulnerability

A vulnerability in the Cisco Unified Interaction Manager web interface could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to insufficient validation of user-supplied data against the application authorization contr...

5.5CVSS6.5AI score0.02456EPSS
Exploits0References1
Cisco
Cisco
added 2015/08/13 9:16 p.m.31 views

Cisco Unified Interaction Manager Web Interface Security Bypass Vulnerability

A vulnerability in the Cisco Unified Interaction Manager web interface could allow an authenticated, remote attacker to delete default system folders for the messaging queues. The vulnerability is due insufficient validation of user-supplied data against the application authorization control logi...

4CVSS6.6AI score0.02456EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/05/29 3:0 p.m.20 views

CVE-2015-0753

SQL injection vulnerability in Cisco Unified Email Interaction Manager EIM and Unified Web Interaction Manager WIM 9.02 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028...

8.4AI score0.01847EPSS
Exploits0References2
Cisco
Cisco
added 2015/05/27 4:8 p.m.25 views

Cisco Unified Email Interaction Manager and Cisco Unified Web Interaction Manager SQL Injection Vulnerability

A vulnerability in the Cisco Unified Email Interaction Manager EIM and Cisco Unified Web Interaction Manager WIM interface could allow an unauthenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries. The vulnerability is due to a lack of input...

5CVSS7.1AI score0.01847EPSS
Exploits0References1
Cisco
Cisco
added 2015/03/02 9:4 p.m.26 views

Cisco Unified Web Interaction Manager Cross-Site Scripting Vulnerability

A vulnerability in Cisco Unified Web Interaction Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to a lack of input sanitization of the Cisco Unified Web...

4.3CVSS5.9AI score0.01773EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/02 12:0 a.m.4 views

Cisco Unified Web Interaction Manager Cross-Site Scripting Vulnerability

Cisco Unified Web and E-mail Interaction Manager are both products in Cisco's Customer Collaboration Contact Center.Web Interaction Manager is a product that helps call center agents answer customer questions using websites and text chat or real-time Web collaboration; E-mail Interaction Manager ...

4.3CVSS6.3AI score0.01773EPSS
Exploits0References1
NVD
NVD
added 2015/02/28 2:59 a.m.17 views

CVE-2015-0655

Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...

4.3CVSS5.6AI score0.01773EPSS
Exploits0References3
Prion
Prion
added 2015/02/28 2:59 a.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...

4.3CVSS6.1AI score0.01773EPSS
Exploits0References3
CVE
CVE
added 2015/02/28 2:0 a.m.45 views

CVE-2015-0655

CVE-2015-0655 affects Cisco Unified Web and E‑Mail Interaction Manager (Unified Web Interaction Manager). The vulnerability is an XSS due to lack of input sanitization, exploitable by an unauthenticated, remote attacker who entices a user to submit a crafted POST request to the web interface. Imp...

4.3CVSS5.8AI score0.01773EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/02/28 2:0 a.m.23 views

CVE-2015-0655

Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...

5.6AI score0.01773EPSS
Exploits0References3
NVD
NVD
added 2014/05/20 11:13 a.m.22 views

CVE-2014-2194

system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.02 allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity...

6.8CVSS6.7AI score0.01249EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/05/20 10:0 a.m.24 views

CVE-2014-2194

system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.02 allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity...

6.7AI score0.01249EPSS
Exploits0References2
CVE
CVE
added 2014/05/20 10:0 a.m.43 views

CVE-2014-2192

CVE-2014-2192 affects Cisco Unified Web and E-mail Interaction Manager 9.0(2). The issue is a cross-site scripting (XSS) vulnerability caused by insufficient input validation in a parameter, allowing an unauthenticated, remote attacker to inject arbitrary script or HTML via a crafted link. The Ci...

4.3CVSS5.9AI score0.01148EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/05/20 10:0 a.m.54 views

CVE-2014-2193

CVE-2014-2193 affects Cisco Unified Web and E-Mail Interaction Manager. Root cause: improper use of session identifiers in GET requests, enabling a remote attacker to inject conversation text by obtaining a valid session identifier. Affected products and impact are described in Cisco advisory and...

4.3CVSS6.8AI score0.00958EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2014/05/20 10:0 a.m.47 views

CVE-2014-2194

Cisco’s advisory CVE-2014-2194 affects Cisco Unified Web and E-mail Interaction Manager 9.0(2). The vulnerability is in the /system/egain/chat/entrypoint script, allowing unauthenticated, remote attackers to inject spoofed XML external entities due to inadequate input validation. Impact is descri...

6.8CVSS6.9AI score0.01249EPSS
Exploits0References2Affected Software1
Cisco
Cisco
added 2014/05/19 6:50 p.m.32 views

Cisco Unified Web and E-mail Interaction Manager XML External Entities Vulnerability

A vulnerability in the /system/egain/chat/entrypoint script of Cisco Unified Web and E-mail Interaction Manager could allow an unauthenticated, remote attacker to inject malicious XML entities. The vulnerability is due to inadequate input validation. An attacker could exploit this vulnerability b...

4.3CVSS6.5AI score0.01249EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/06/22 2:24 a.m.3 views

Cross-Site Scripting Vulnerability in Interstage Portalworks and Interstage Interaction Manager Portal Function

Overview The portal function of Interstage Portalworks and Interstage Interaction Manager is vulnerable to cross-site scripting. Impact A remote attacker could execute arbitrary scripts on the affected browser. Solution Please refer to the 'Vendor Information' section for the official...

5CVSS6.9AI score
Exploits0References2
Rows per page
Query Builder