CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2009-1287 – Cisco Subscriber Edge Services Manager - Cross-Site Scripting / HTML Injection
https://notcve.org/view.php?id=CVE-2009-1287
Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge Services Manager (SESM) allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: some of these details are obtained from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Cisco Subscriber Edge Services Manager (SESM) permite a usuarios remotos inyectar código web script o HTML de su elección a través de la URI (Uniform Resource Identifier). NOTA: algunos de estos detalles se han obtenido de terceras partes. • https://www.exploit-db.com/exploits/32897 http://securitytracker.com/id?1022030 http://www.securityfocus.com/bid/34454 http://www.xc0re.net/index.php?p=1_17_Cisco-Subscriber-Edge-Services-Manager-Multiple-Vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/50349 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 12%CPEs: 8EXPL: 0CVE-2005-4794
https://notcve.org/view.php?id=CVE-2005-4794
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. • http://secunia.com/advisories/15472 http://securitytracker.com/id?1014043 http://securitytracker.com/id?1014044 http://securitytracker.com/id?1014045 http://securitytracker.com/id?1014046 http://securitytracker.com/id? •