54 matches found
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection
Issue: Out-of-Band XXE in Universal Media Server's SSDP Processing Reserved CVE: CVE-2018-13416 Vulnerability Overview The XML parsing engine for Universal Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity Processing XXE attack. Unauthenticated attackers on the same L...
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection Vulnerability
Exploit for jsp platform in category web applications Issue: Out-of-Band XXE in Universal Media Server's SSDP Processing Reserved CVE: CVE-2018-13416 Vulnerability Overview The XML parsing engine for Universal Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity Processi...
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection Issue: Out-of-Band XXE in Universal Media Server's SSDP Processing Reserved CVE: CVE-2018-13416 Vulnerability Overview The XML parsing engine for Universal Media Server's SSDP/UPNP functionality is vulnerable to an XML...
Universal Media Server 7.1.0 XML Injection
Issue: Out-of-Band XXE in Universal Media Server's SSDP Processing Reserved CVE: CVE-2018-13416 Vulnerability Overview The XML parsing engine for Universal Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity Processing XXE attack. Unauthenticated attackers on the same L...
rund-ums-baby.de XSS vulnerability
Open Bug Bounty ID: OBB-574549 Description| Value ---|--- Affected Website:| rund-ums-baby.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
ums.eamv.dk XSS vulnerability
Vulnerable URL: https://ums.eamv.dk/ErrorMessage.aspx?ErrorMsg=%3Csvg/onload=alert/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 03.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...
ums.ucsyd.dk XSS vulnerability
Vulnerable URL: https://ums.ucsyd.dk/ErrorMessage.aspx?ErrorMsg=%3Csvg/onload=alert/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 03.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...
rund-ums-baby.de XSS vulnerability
Vulnerable URL: https://www.rund-ums-baby.de/login.htm Details: Description| Value ---|--- Patched:| No Latest check for patch:| 10.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 32622 VIP website status:| Yes Coordinated Disclosure Timeline: Description|...
CVE-2016-6397
Cisco IPICS Universal Media Services (UMS) vulnerable via its interdevice communications interface. Affects Cisco IPICS releases 4.8(1)–4.10(1). The issue allows an unauthenticated, remote attacker to modify UMS configuration parameters and render the system unavailable. Root cause described as i...
CVE-2016-6397
A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System IPICS Universal Media Services UMS could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable. Affect...
Mozilla Firefox OS Security Mechanism Bypass Vulnerability
Firefox OS is an open source mobile operating system with a Linux kernel for smartphones. A security vulnerability exists in Mozilla Firefox OS versions prior to 2.2. It could allow an attacker in close physical proximity to access the UMS media volume via the usb interface, bypassing the passwor...
CVE-2015-5960
Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code protection mechanism and access USB Mass Storage UMS media volumes by using the USB interface for a mount operation...
CVE-2014-7988
The Unified Messaging Service UMS in Cisco Unity Connection 10.5 and earlier allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCur06493...
CVE-2014-7988
CVE-2014-7988 affects the Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and earlier. The vulnerability allows remote authenticated users to obtain sensitive information by reading logs (information disclosure due to sensitive data in logs, Bug CSCur06493). An attacker must authen...