Computer Security
[EN] no-pyccku

Cisco Wireless Control System crossite scripting
updated since 09.08.2010
SecurityVulns ID:11043
Threat Level:
Description:Crossite scripting and SQL injection in Web interface.
Affected:CISCO : Wireless Control System 6.0
CVE:CVE-2010-2826 (SQL injection vulnerability in Cisco Wireless Control System (WCS) 6.0.x before allows remote authenticated users to execute arbitrary SQL commands via vectors related to the ORDER BY clause of the Client List screens, aka Bug ID CSCtf37019.)
Original documentdocumentCISCO, Cisco Security Advisory: SQL Injection Vulnerability in Cisco Wireless Control System (11.08.2010)
 documentTom Neaves, Cisco Wireless Control System XSS (09.08.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod