A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user…
SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. . Devamını Oku
SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php. Devamını Oku
SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php. Devamını Oku
SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php. Devamını Oku
SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php. Devamını Oku
SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php. Devamını Oku
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php. Devamını Oku
SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php. Devamını Oku
SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php. Devamını Oku
A vulnerability in the API of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because requests that are sent to the API are not properly validated. An attacker could exploit this vulnerability by sending a malicious request to the…
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more information about these…