CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0594
https://notcve.org/view.php?id=CVE-2015-0594
Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS) and Cisco Security Manager, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq54654 and CSCun18263. Múltiples vulnerabilidades de XSS en la páginas de ayuda en Cisco Common Services, utilizado en Cisco Prime LAN Management Solution (LMS) y Cisco Security Manager, permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de parámetros no especificados, también conocido como Bug IDs CSCuq54654 y CSCun18263. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0594 http://www.securityfocus.com/bid/72793 http://www.securitytracker.com/id/1031813 http://www.securitytracker.com/id/1031814 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3365
https://notcve.org/view.php?id=CVE-2014-3365
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Prime Security Manager (PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via crafted input to the (1) Dashboard or (2) Configure Realm page, aka Bug ID CSCuo94808. Múltiples vulnerabilidades de XSS en Cisco Prime Security Manager (PRSM) 9.2(.1-2) y anteriores permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de entradas manipuladas en la página (1) Dashboard o (2) Configure Realm, también conocido como Bug ID CSCuo94808. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3365 http://tools.cisco.com/security/center/viewAlert.x?alertId=37418 http://www.securitytracker.com/id/1031716 https://exchange.xforce.ibmcloud.com/vulnerabilities/100756 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3364
https://notcve.org/view.php?id=CVE-2014-3364
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Manager (aka PRSM) 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) Access Policies or (2) Device Summary Dashboard parameter, aka Bug ID CSCuq80661. Múltiples vulnerabilidades de XSS en el Framework web de Cisco Prime Security Manager 9.2.1-2 y anteriores (también conocido como PRSM) permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de los parámetros (1) Access Policies o (2) Device Summary Dashboard, también conocido como Bug ID CSCuq80661. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3364 http://tools.cisco.com/security/center/viewAlert.x?alertId=36741 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3326
https://notcve.org/view.php?id=CVE-2014-3326
SQL injection vulnerability in the web framework in Cisco Security Manager 4.5 and 4.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCup26957. Vulnerabilidad de SQL en el Framework web en Cisco Security Manager 4.5 y 4.6 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través de vectores no especificados, también conocido como Bug ID CSCup26957. • http://secunia.com/advisories/60455 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3326 http://tools.cisco.com/security/center/viewAlert.x?alertId=35029 http://www.securityfocus.com/bid/68877 http://www.securitytracker.com/id/1030639 https://exchange.xforce.ibmcloud.com/vulnerabilities/94841 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0CVE-2014-3266
https://notcve.org/view.php?id=CVE-2014-3266
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Security Manager 4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun65189. Vulnerabilidad de XSS en el Framework web en Cisco Security Manager 4.6 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un parámetro no especificado, también conocido como Bug ID CSCun65189. • http://secunia.com/advisories/58923 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3266 http://tools.cisco.com/security/center/viewAlert.x?alertId=34340 http://www.securityfocus.com/bid/67569 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •