644 matches found
[SECURITY] [DLA 1561-1] phpldapadmin security update
Package : phpldapadmin Version : 1.2.2-5.2+deb8u1 CVE ID : CVE-2017-11107 Debian Bug : 867719 It was discovered that there was a cross-site scripting XSS vulnerability in phpldapadmin, a web-based interface for administering LDAP servers. For Debian 8 "Jessie", this problem has been fixed in...
CVE-2018-15438
CVE-2018-15438 concerns Cisco Prime Collaboration Assurance and its web-based management interface. The issue is a CSRF vulnerability arising from insufficient CSRF protections, enabling an unauthenticated, remote attacker to persuade a user to click a malicious link and perform arbitrary actions...
CVE-2018-15438 Cisco Prime Collaboration Assurance Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient CSRF...
CVE-2018-0416
A vulnerability in the web-based interface of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking mechanisms...
Input validation
A vulnerability in the web-based interface of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking mechanisms...
CVE-2018-0388
A vulnerability in the web-based interface of Cisco Wireless LAN Controller WLC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web-based interface of an affected system. The vulnerability is due to insufficient validatio...
Cross site scripting
A vulnerability in the web-based interface of Cisco Wireless LAN Controller WLC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web-based interface of an affected system. The vulnerability is due to insufficient validatio...
CVE-2018-0388 Cisco Wireless LAN Controller Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Wireless LAN Controller WLC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web-based interface of an affected system. The vulnerability is due to insufficient validatio...
CVE-2018-0388 Cisco Wireless LAN Controller Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Wireless LAN Controller WLC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web-based interface of an affected system. The vulnerability is due to insufficient validatio...
CVE-2018-0416 Cisco Wireless LAN Controller Software Information Disclosure Vulnerability
A vulnerability in the web-based interface of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking mechanisms...
Cisco Wireless LAN Controller Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Wireless LAN Controller WLC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web-based interface of an affected system. The vulnerability is due to insufficient validatio...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the management interface on an affected device. The vulnerability is due to insufficient...
CVE-2018-15400 Cisco Cloud Services Platform 2100 Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...
CVE-2018-15426
CVE-2018-15426 affects Cisco Unity Connection’s web-based interface. The issue is a stored XSS vulnerability caused by insufficient validation of user-supplied input, exploitable when a user clicks a crafted link, potentially allowing arbitrary script execution in the interface context or access ...
CVE-2018-15426 Cisco Unity Connection Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based interface of the affected software. The vulnerability is due to insufficient validation of...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due...
ABB Panel Builder 800 Input Validation Vulnerability
ABB Panel Builder 800 is a Web-based HMI Human Machine Interface system from ABB Switzerland. An input validation vulnerability in ABB Panel Builder 800 all versions, which arises from the program's failure to properly filter user-submitted input, can be exploited by an attacker to inject and run...
CVE-2018-0401
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. Cisco Bug IDs: CSCvg70967...
CVE-2018-0400
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. Cisco Bug IDs: CSCvg70904...