CVSS: 6.1EPSS: 0%CPEs: 40EXPL: 0CVE-2007-1467
https://notcve.org/view.php?id=CVE-2007-1467
16 Mar 2007 — Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engin... • http://secunia.com/advisories/24499 •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-3286
https://notcve.org/view.php?id=CVE-2006-3286
28 Jun 2006 — The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(63) stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database (aka bug CSCsd15951). La base de datos interna de Cisco Wireless Control System (WCS) para Linux y Windows en sus versiones anteriores a la v3.2(63) almacena de manera fija en el código un usuario y contraseña en texto plano en ficheros sin especificar, lo que permite a... • http://secunia.com/advisories/20870 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-3287
https://notcve.org/view.php?id=CVE-2006-3287
28 Jun 2006 — Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access (aka bug CSCse21391). Cisco Wireless Control System (WCS) para Linux y Windows en sus versiones anteriores a la v4.0(1) usa el nombre de usuario administrador por defecto "root" y la contraseña "public," lo que permite a atacantes remotos obtener acceso (también conocido como bug CSCse21391). • http://secunia.com/advisories/20870 •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3288
https://notcve.org/view.php?id=CVE-2006-3288
28 Jun 2006 — Unspecified vulnerability in the TFTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51), when configured to use a directory path name that contains a space character, allows remote authenticated users to read and overwrite arbitrary files via unspecified vectors. Vulnerabilidad sin especificar en el servidor TFTP de Cisco Wireless Control System (WCS) para Linux y Windows en sus versiones anteriores a la v3.2(51). Cuando está configurado para utilizar un nombre de ruta de di... • http://secunia.com/advisories/20870 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3289
https://notcve.org/view.php?id=CVE-2006-3289
28 Jun 2006 — Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL". Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la página de inicio de sesión del interfaz HTTP de Cisco Wireless Control System (WCS) para Linux y Windows en sus versiones anteriores a la v3.2(51). Permite a usua... • http://secunia.com/advisories/20870 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3290
https://notcve.org/view.php?id=CVE-2006-3290
28 Jun 2006 — HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request. El servidor HTTP de Cisco Wireless Control System (WCS) para Linux y Windows en sus versiones anteriores a la v3.2(51) almacena información confidencial bajo el directorio raiz web con insuficiente control de acceso, lo que permite a atacantes re... • http://secunia.com/advisories/20870 •
CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 0CVE-2006-3285
https://notcve.org/view.php?id=CVE-2006-3285
28 Jun 2006 — The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration data (aka bugs CSCsd15955). La base de datos interna en Cisco Wireless Control System (WCS) para Linux y Windows anterior a v3.2(51) utiliza un nombre de usuario indocumentados no modificable y una contraseña, lo cual permite a usuarios remotos autenticados leer, ... • http://secunia.com/advisories/20870 •