Sense of Security - Security Researcher - Exploit Intelligence Platform

CVE-2011-0961 EXPLOITDB text WORKING POC

Ciscoworks Common Services < 3.3 - XSS

Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the device parameter, aka Bug ID CSCto12704.

View Code

CVE-2011-0959 EXPLOITDB text WRITEUP

Cisco Unified Operations Manager < 8.5 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.

View Code

CVE-2011-0962 EXPLOITDB text WRITEUP

Cisco Unified Operations Manager < 8.5 - XSS

Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote attackers to inject arbitrary web script or HTML via the tag parameter, aka Bug ID CSCto12712.

View Code

CVE-2011-0959 EXPLOITDB text WORKING POC

Cisco Unified Operations Manager < 8.5 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.

View Code

CVE-2011-0959 EXPLOITDB text WRITEUP

Cisco Unified Operations Manager < 8.5 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to iptm/advancedfind.do, (2) the deviceInstanceName parameter to iptm/ddv.do, the (3) cmd or (4) group parameter to iptm/eventmon, the (5) clusterName or (6) deviceName parameter to iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp, or the (7) ccmName or (8) clusterName parameter to iptm/logicalTopo.do, aka Bug ID CSCtn61716.

View Code

EIP-2026-100366 EXPLOITDB text WORKING POC

Iciniti Store - SQL Injection

View Code

EIP-2026-100304 EXPLOITDB text WRITEUP

Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload

View Code

EIP-2026-100305 EXPLOITDB text WRITEUP

Elcom CommunityManager.NET - Authentication Bypass

View Code

EIP-2026-100303 EXPLOITDB text WRITEUP

Ektron CMS 8.5.0 - Multiple Vulnerabilities

View Code