EUVD-2006-1961

Malware in sbrugna...

Cisco ACS Solution Engine Cross-Site Scripting Vulnerability

Cisco Secure Access Control Server ACS is a security access control server from Cisco, Inc.Solution Engine is one of the server engine solutions. Cisco Secure Access Control Server ACS version 5.70.15, an XSS vulnerability exists in the web interface of Solution Engine. A remote attacker could...

CVE-2015-6349

Cross-site scripting XSS vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server ACS 5.70.15 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

CVE-2015-6347

The Solution Engine in Cisco Secure Access Control Server ACS 5.70.15 allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an unspecified web page...

Design/Logic Flaw

The Solution Engine in Cisco Secure Access Control Server ACS 5.70.15 allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an unspecified web page...

Design/Logic Flaw

The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server ACS 5.70.15 allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page...

Cross site scripting

Cross-site scripting XSS vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server ACS 5.70.15 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

CVE-2015-6348

The CVE-2015-6348 issue affects Cisco Secure Access Control Server (ACS) 5.7(0.15) where the report-generation web interface contains RBAC validation weaknesses. An authenticated remote user could access restricted report/status pages via the report-generation web interface, potentially exposing ...

CVE-2015-6348

The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server ACS 5.70.15 allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page...

CVE-2015-6347

The Solution Engine in Cisco Secure Access Control Server ACS 5.70.15 allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an unspecified web page...

CVE-2015-0700

Cross-site request forgery CSRF vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine before 5.50.46.5 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj62924...

Cisco Wireless Lan Solution Engine ArchiveApplyDisplay.JSP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17604/info CiscoWorks Wireless LAN Solution Engine WLSE is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

CVE-2011-3293

Multiple cross-site request forgery CSRF vulnerabilities in the Solution Engine in Cisco Secure Access Control Server ACS 5.2 allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting XSS sequences, aka Bug ID CSCtr78143...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the Solution Engine in Cisco Secure Access Control Server ACS 5.2 allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting XSS sequences, aka Bug ID CSCtr78143...

CVE-2008-0532

Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password UCP before 4.2 in Cisco Secure Access Control Server ACS for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after the Logout argument, and...

Buffer overflow

Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password UCP before 4.2 in Cisco Secure Access Control Server ACS for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after the Logout argument, and...

CVE-2008-0533

Multiple cross-site scripting XSS vulnerabilities in securecgi-bin/CSuserCGI.exe in User-Changeable Password UCP before 4.2 in Cisco Secure Access Control Server ACS for Windows and ACS Solution Engine allow remote attackers to inject arbitrary web script or HTML via an argument located immediate...

Cisco Security Advisory: Cisco Secure Access Control Server for Windows User-Changeable Password Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Secure Access Control Server for Windows User-Changeable Password Vulnerabilities Advisory ID: cisco-sa-20080312-ucp http://www.cisco.com/warp/public/707/cisco-sa-20080312-ucp.shtml Revision 1.0 ============ For Public...

Cisco Security Advisory: Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability Advisory ID: cisco-sa-20071205-csa http://www.cisco.com/warp/public/707/cisco-sa-20071205-csa.shtml Revision 1.0 For Public Release 2007...

CVE-2007-5382

The conversion utility for converting CiscoWorks Wireless LAN Solution Engine WLSE 4.1.91.0 and earlier to Cisco Wireless Control System WCS creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges...