CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0774
https://notcve.org/view.php?id=CVE-2015-0774
12 Jun 2015 — Cross-site scripting (XSS) vulnerability in Cisco Application and Content Networking System (ACNS) 5.5(9) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuu70650. Vulnerabilidad de XSS en Cisco Application and Content Networking System (ACNS) 5.5(9) permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de una URL manipulada, también conocida como Bug ID CSCuu70650. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39257 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 2%CPEs: 120EXPL: 0CVE-2013-3444
https://notcve.org/view.php?id=CVE-2013-3444
31 Jul 2013 — The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Software 3.2.x before 3.2.1.b9; Cisco VDS-SB Software 1.x before 1.1.0-b96; Cisco VDS-OE Software 1.x before 1.0.1; and Cisco VDS-OS Software 1.x in central-management mode allows remote authenticated users to execute arbi... • http://secunia.com/advisories/54367 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •