Sql injection

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates...

CVE-2020-3184 Cisco Prime Collaboration Provisioning Software SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates...

Directory traversal

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software prior to Release 12.1 could allow an authenticated, remote attacker to delete any file from an affected system. The vulnerability exists because the affected software does not perform proper input validation o...

CVE-2017-6636

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software prior to Release 11.1 could allow an authenticated, remote attacker to view any file on an affected system. The vulnerability exists because the affected software does not perform proper input validation of HT...

CVE-2017-6635

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software prior to Release 12.1 could allow an authenticated, remote attacker to delete any file from an affected system. The vulnerability exists because the affected software does not perform proper input validation o...

CVE-2017-6637

Cisco Prime Collaboration Provisioning (PCP) web interface vulnerability CVE-2017-6637 allows an authenticated, remote attacker to delete arbitrary files due to insufficient HTTP request input validation and lack of RBAC enforcement, via directory traversal on the affected system. Core issue: imp...

CVE-2017-6635

CVE-2017-6635 affects Cisco Prime Collaboration Provisioning Software (before Release 12.1). The web interface allows authenticated, remote attackers to delete arbitrary files via crafted HTTP requests that exploit directory traversal and weak RBAC enforcement. The issue is rooted in insufficient...

Fujitsu SystemcastWizard Lite PXEService UDP Handling Buffer Overflow (CVE-2009-0270)

Fujitsu SystemcastWizard software is one of the management tools included in the Systemwalker Resource Coordinator, which is a provisioning software by Fujitsu to efficiently and reliably operate blade servers. SystemcastWizard can install operating system images remotely and clone them on other...