3 matches found
CVE-2011-1610
Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.x before 6.15su3, 7.x before 7.15su4, 8.0 before 8.03asu2, and 8.5 before 8.51su1 allow remote attackers to execute...
Sql injection
Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.x before 6.15su3, 7.x before 7.15su4, 8.0 before 8.03asu2, and 8.5 before 8.51su1 allow remote attackers to execute...
CVE-2011-1610
CVE-2011-1610 affects Cisco Unified Communications Manager (CUCM) where the embedded Apache HTTP Server exposes xmldirectorylist.jsp. The vulnerability arises from improper validation of parameters (f, l, n) passed to the JSP, enabling a remote, unauthenticated attacker to inject and execute arbi...