pi engine vulnerabilities and exploits

(subscribe to this query)

A Cross-Site Scripting (XSS) exists in pi-engine/pi 2.5.0. The vulnerability exists due to insufficient filtration of user-supplied data (preview) passed to the "pi-develop/www/script/editor/markitup/preview/markdown.php" URL. An attacker could execute arbitrary HTML an...

A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime Infrastructure (PI) could allow an unauthenticated, remote malicious user to perform a man-in-the-middle attack against the Secure Sockets Layer (SSL) tunnel established between ISE and PI. T...

Cisco Prime Infrastructure

A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote malicious user to upload an arbitrary file. This file could allow the malicious user to execute commands at the privilege...

Cisco Prime Infrastructure 3.4\\(0.0\\)Cisco Prime Infrastructure 3.5\\(0.0\\)Cisco Prime Infrastructure 3.2\\(0.0\\)Cisco Prime Infrastructure 3.2\\(2.0\\)Cisco Prime Infrastructure 3.2 Cisco Prime Infrastructure 3.3 Cisco Prime Infrastructure 3.4 Cisco Prime Infrastructure 3.2\\(1.0\\)Cisco Prime Infrastructure 3.3\\(0.0\\)

1 EDB exploit

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute code with root-level privileges on the underlying operating system. This vu...

Cisco Prime Infrastructure Cisco Evolved Programmable Network Manager Cisco Network Level Service 3.0\\(0.0.83b\\)

2 EDB exploits1 Github repository1 Article

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute code with root-level privileges on the underlying operating system. This vu...

Cisco Evolved Programmable Network Manager Cisco Prime Infrastructure

1 Article

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute code with root-level privileges on the underlying operating system. This vu...

Cisco Prime Infrastructure Cisco Network Level Service 3.0\\(0.0.83b\\)Cisco Evolved Programmable Network Manager

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute arbitrary SQL queries. This vulnerability exist because the software improp...

Cisco Evolved Programmable Network Manager Cisco Prime Infrastructure

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute arbitrary SQL queries. This vulnerability exist because the software improp...

Cisco Prime Infrastructure Cisco Network Level Service 3.0\\(0.0.83b\\)Cisco Evolved Programmable Network Manager

A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access to information stored in the affected system as well as perform remote code execu...

Cisco Evolved Programmable Network Manager 1.2.0 Cisco Evolved Programmable Network Manager 1.2.300 Cisco Evolved Programmable Network Manager 2.0.0 Cisco Prime Infrastructure 3.1 Cisco Evolved Programmable Network Manager 1.2.200 Cisco Prime Infrastructure 1.4.1 Cisco Prime Infrastructure 1.3.0.20 Cisco Prime Infrastructure 1.2.1 Cisco Prime Infrastructure 1.4.0.45 Cisco Prime Infrastructure 3.1\\(0.128\\)Cisco Prime Infrastructure 3.2\\(0.0\\)Cisco Prime Infrastructure 3.1\\(4.0\\)Cisco Prime Infrastructure 2.2 Cisco Prime Infrastructure 1.2 Cisco Prime Infrastructure 2.2\\(2\\)Cisco Prime Infrastructure 1.4.2 Cisco Prime Infrastructure 1.2.0.103 Cisco Prime Infrastructure 3.1.1 Cisco Prime Infrastructure 2.2\\(3\\)Cisco Prime Infrastructure 3.0 Cisco Evolved Programmable Network Manager 2.0\\(4.0.45d\\)Cisco Evolved Programmable Network Manager 1.2.500

SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. It is possible to spoof XML signatures and send arbitrary requests to the server via PI Axis adapter. These requests will be ac...

Sap Netweaver Process Integration 7.10 Sap Netweaver Process Integration 7.11 Sap Netweaver Process Integration 7.30 Sap Netweaver Process Integration 7.40 Sap Netweaver Process Integration 7.31 Sap Netweaver Process Integration 7.50

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook