CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0708
https://notcve.org/view.php?id=CVE-2014-0708
WebEx Meeting Center in Cisco WebEx Business Suite does not properly compose URLs for HTTP GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) a browser's history, aka Bug ID CSCul98272. WebEx Meeting Center en Cisco WebEx Business Suite no compone debidamente URLs para solicitudes HTTP GET, lo que permite a atacantes remotos obtener información sensible mediante la lectura de (1) registros de acceso del servidor web, (2) registros Referer del servidor web o (3) un historial del navegador, también conocido como Bug ID CSCul98272. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0708 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6964
https://notcve.org/view.php?id=CVE-2013-6964
Cisco WebEx Meeting Center allows remote authenticated users to bypass access control and inject content from a different WebEx site via unspecified vectors, aka Bug ID CSCul36197. Cisco WebEx Meeting Center permite a usuarios remotos autenticados evadir un control de acceso intencionado e inyectar contenido desde diferentes sitios WebEx a través de vectores no especificados, también conocido como Bug ID CSCul36197. • http://osvdb.org/100908 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6964 http://tools.cisco.com/security/center/viewAlert.x?alertId=32158 http://www.securityfocus.com/bid/64280 http://www.securitytracker.com/id/1029494 https://exchange.xforce.ibmcloud.com/vulnerabilities/89690 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6960
https://notcve.org/view.php?id=CVE-2013-6960
Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meeting Center allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36248. Múltiples vulnerabilidades de XSS en Cisco WebEx Meeting Center permite a atacantes remotos inyectar script web o HTML arbitrario a través de una URL manipulada, también conocido como Bug ID CSCul36248. • http://osvdb.org/100904 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6960 http://tools.cisco.com/security/center/viewAlert.x?alertId=32152 http://www.securityfocus.com/bid/64273 http://www.securitytracker.com/id/1029494 https://exchange.xforce.ibmcloud.com/vulnerabilities/89693 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6962
https://notcve.org/view.php?id=CVE-2013-6962
Cross-site scripting (XSS) vulnerability in the mobile-browser subsystem in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36228. Vulnerabilidad de XSS en el subsistema mobile-browser de Cisco WebEx Meeting Center permite a atacantes remotos inyectar script o HTML arbitrario a través de una URL manipulada, también conocido como Bug ID CSCul36228. • http://osvdb.org/100906 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6962 http://www.securityfocus.com/bid/64275 http://www.securitytracker.com/id/1029494 https://exchange.xforce.ibmcloud.com/vulnerabilities/89694 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6970
https://notcve.org/view.php?id=CVE-2013-6970
Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information by reading verbose error messages within server responses, aka Bug ID CSCul35928. Cisco WebEx Meeting Center permite a atacantes remotos obtener información sensible mediante la lectura de mensajes de error detallados dentro de las respuestas del servidor, también conocido como Bug ID CSCul35928. • http://osvdb.org/101002 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6970 http://www.securityfocus.com/bid/64306 https://exchange.xforce.ibmcloud.com/vulnerabilities/89708 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •