CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 20171e9f2ae7e55f3032123ab947e0b9f8cbccfb379a0eab62a30efd737da76b Any computer that has this package installed or running should be considered...

6.8AI score

Exploits0References5

Kitploit•added 2018/11/23 8:31 p.m.•105 views

Janusec Application Gateway - Tool Which Provides WAF, CC Attack Defense, Unified Web Administration Portal, Private Key Protection, Web Routing And Scalable Load Balancing

Janusec Application Gateway, an application security solutions which provides WAF Web Application Firewall, unified web administration portal, private key protection, web routing and scalable load balancing. With Janusec, you can build secure and scalable applications. Key Features WAF Web...

8.3AI score

Exploits0References2

Prion•added 2015/12/14 3:59 a.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager 11.01 allows remote attackers to inject arbitrary web script or HTML a crafted URL, aka Bug ID CSCuw24479...

4.3CVSS6.1AI score0.00296EPSS

Exploits0References3Affected Software1

CVE•added 2015/12/14 2:0 a.m.•47 views

CVE-2015-6416

CVE-2015-6416 is a cross-site scripting (XSS) vulnerability in Cisco’s Unified Email Interaction Manager and Unified Web Interaction Manager version 11.0(1). The issue arises from insufficient sanitization of user-supplied input in the web interface, allowing an unauthenticated, remote attacker t...

4.3CVSS5.8AI score0.00296EPSS

Exploits0References3Affected Software1

CVE•added 2015/08/19 3:0 p.m.•43 views

CVE-2015-4298

CVE-2015-4298 affects Cisco Unified Web and E-Mail Interaction Manager (versions 9.0(2) and 11.0(1)). The root cause is improper authorization handling that allows remote authenticated users to read or write stored data via unspecified vectors. The vulnerability results from insufficient validati...

6.5CVSS6.2AI score0.00549EPSS

Exploits0References3Affected Software1

CVE•added 2015/08/19 3:0 p.m.•39 views

CVE-2015-4299

Cisco's advisory for CVE-2015-4299 states that Cisco Unified Web and E-Mail Interaction Manager 9.0(2) exposes an authorization flaw. An authenticated, remote attacker can remove default messaging-queue system folders due to improper authorization logic. Root cause: insufficient validation of per...

5.5CVSS6.5AI score0.00549EPSS

Exploits0References3Affected Software1

CVE•added 2015/08/19 3:0 p.m.•41 views

CVE-2015-6255

CVE-2015-6255 affects Cisco Unified Web and E‑Mail Interaction Manager 9.0(2). The vulnerability resides in the web chat interface where insufficient input validation allows a remote attacker to deliver a crafted chat message that injects arbitrary web script or HTML (XSS). The root cause is inpu...

4.3CVSS5.8AI score0.00453EPSS

Exploits0References3Affected Software1

CNVD•added 2015/06/01 12:0 a.m.•1 views

Cisco Unified Web and E-Mail Interaction Manager SQL Injection Vulnerability

Cisco Unified Web and E-mail Interaction Manager are both products in the Customer Collaboration Contact Center of the American Cisco Cisco company. A SQL injection vulnerability exists in Cisco Unified Web and E-Mail Interaction Manager, which could be exploited by a remote attacker to submit a...

6.8CVSS8AI score0.00269EPSS

Exploits0References1

Cvelist•added 2015/05/29 3:0 p.m.•17 views

CVE-2015-0753

SQL injection vulnerability in Cisco Unified Email Interaction Manager EIM and Unified Web Interaction Manager WIM 9.02 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028...

8.4AI score0.00269EPSS

Exploits0References2

NVD•added 2015/02/28 2:59 a.m.•11 views

CVE-2015-0655

Cross-site scripting XSS vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184...

4.3CVSS5.6AI score0.00296EPSS

Exploits0References3

Prion•added 2015/02/28 2:59 a.m.•11 views

Cross site scripting

4.3CVSS6.1AI score0.00296EPSS

Exploits0References3

Cvelist•added 2015/02/28 2:0 a.m.•20 views

CVE-2015-0655

5.6AI score0.00296EPSS

Exploits0References3

CVE•added 2015/02/28 2:0 a.m.•39 views

CVE-2015-0655

CVE-2015-0655 affects Cisco Unified Web and E‑Mail Interaction Manager (Unified Web Interaction Manager). The vulnerability is an XSS due to lack of input sanitization, exploitable by an unauthenticated, remote attacker who entices a user to submit a crafted POST request to the web interface. Imp...

4.3CVSS5.8AI score0.00296EPSS

Exploits0References3Affected Software1

CVE•added 2014/05/20 10:0 a.m.•49 views

CVE-2014-2193

CVE-2014-2193 affects Cisco Unified Web and E-Mail Interaction Manager. Root cause: improper use of session identifiers in GET requests, enabling a remote attacker to inject conversation text by obtaining a valid session identifier. Affected products and impact are described in Cisco advisory and...

4.3CVSS6.8AI score0.00224EPSS

Exploits0References1Affected Software1

Cvelist•added 2014/05/20 10:0 a.m.•21 views

CVE-2014-2194

system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.02 allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity...

6.7AI score0.00403EPSS

Exploits0References2

CVE•added 2014/05/20 10:0 a.m.•38 views

CVE-2014-2192

CVE-2014-2192 affects Cisco Unified Web and E-mail Interaction Manager 9.0(2). The issue is a cross-site scripting (XSS) vulnerability caused by insufficient input validation in a parameter, allowing an unauthenticated, remote attacker to inject arbitrary script or HTML via a crafted link. The Ci...

4.3CVSS5.9AI score0.00296EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by