Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5440
Multiple PHP remote file inclusion vulnerabilities in CRS Manager allow remote malicious users to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter to (1) index.php or (2) login.php. NOTE: this issue is disputed by CVE, since DOCUMENT_ROOT cannot be modified by ...
Crs Manager Crs Manager
1 EDB exploit
7.8
CVSSv3
CVE-2015-2210
The help window in Epicor CRS Retail Store prior to 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell.
Epicor Crs Retail Store
5.3
CVSSv3
CVE-2016-6401
Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 and CRS-3 devices, allows remote malicious users to cause a denial of service (line-card reload) via crafted IPv6-over-MPLS packets, aka Bug ID CSCva32494.
Cisco Carrier Routing System 5.1 Base
Cisco Carrier Routing System 5.1.4
NA
CVE-2009-2047
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) prior to 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified v...
Cisco Crs 4.5
Cisco Crs 5.0
Cisco Unified Ccx 4.5\\(2\\)
Cisco Unified Ccx 4.0\\(3\\)
Cisco Unified Ip Ivr 4.0
Cisco Unified Ip Ivr 4.1
Cisco Unified Ip Contact Center Express 6.0\\(1\\)
Cisco Unified Ip Contact Center Express 7.0
Cisco Crs 3.5
Cisco Crs 4.0
Cisco Crs 4.1
Cisco Unified Ccx 4.0\\(1\\)
Cisco Unified Ccx 4.5\\(1\\)
Cisco Unified Ip Ivr 3.1
Cisco Unified Ip Ivr 3.0
Cisco Unified Ip Contact Center Express 3.0
Cisco Unified Ip Contact Center Express 5.0\\(1\\)
Cisco Crs 6.0
Cisco Unified Ccx 7.0\\(1\\)
Cisco Unified Ccx 4.0\\(4\\)
Cisco Unified Ccx 4.0\\(5a\\)
Cisco Unified Ip Ivr 4.5
NA
CVE-2009-2048
Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) prior to 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX d...
Cisco Crs 7.0
Cisco Unified Ccx 6.0\\(1\\)
Cisco Unified Ccx 5.0\\(1\\)
Cisco Unified Ccx 3.5
Cisco Unified Ip Ivr 3.1
Cisco Unified Ip Ivr 7.0
Cisco Unified Ip Ivr 7.0\\(1\\)
Cisco Crs 4.1
Cisco Crs 4.5
Cisco Unified Ccx 4.5\\(2\\)
Cisco Unified Ccx 4.0\\(3\\)
Cisco Unified Ip Ivr 4.1
Cisco Unified Ip Ivr 4.5
Cisco Unified Ip Contact Center Express 6.0\\(1\\)
Cisco Unified Ip Contact Center Express 7.0
Cisco Customer Response Applications 3.5
Cisco Crs 3.5
Cisco Crs 4.0
Cisco Unified Ccx 4.0\\(1\\)
Cisco Unified Ccx 4.5\\(1\\)
Cisco Unified Ip Ivr 3.0
Cisco Unified Ip Ivr 4.0
NA
CVE-2013-5549
Cisco IOS XR 3.8.1 up to and including 4.2.0 does not properly process fragmented packets within the RP-A, RP-B, PRP, and DRP-B route-processor components, which allows remote malicious users to cause a denial of service (transmission outage) via (1) IPv4 or (2) IPv6 traffic, aka...
Cisco Ios Xr 4.0.1
Cisco Ios Xr 4.0.2
Cisco Ios Xr 4.0.3
Cisco Ios Xr 4.0.4
Cisco Ios Xr 3.8.1
Cisco Ios Xr 3.8.2
Cisco Ios Xr 3.8.3
Cisco Ios Xr 3.8.4
Cisco Ios Xr 3.9.1
Cisco Ios Xr 4.0.0
Cisco Ios Xr 4.1
Cisco Ios Xr 4.1.2
Cisco Ios Xr 3.9.0
Cisco Ios Xr 3.9.2
Cisco Ios Xr 4.1.1
Cisco Ios Xr 4.2.0
NA
CVE-2015-0769
Cisco IOS XR 4.0.1 up to and including 4.2.0 for CRS-3 Carrier Routing System allows remote malicious users to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546.
Cisco Ios Xr Software 4.1 Base
Cisco Ios Xr Software 4.1.0
Cisco Ios Xr Software 4.2.0
Cisco Ios Xr Software 4.1.1
Cisco Ios Xr Software 4.1.2
Cisco Ios Xr Software 4.0.1
Cisco Ios Xr Software 4.0.3
Cisco Ios Xr Software 4.0.11
Cisco Ios Xr Software 4.0.2
Cisco Ios Xr Software 4.0.4
1 Article
NA
CVE-2010-1569
Cisco Unified Contact Center Express (UCCX or Unified CCX) contains a denial of service (DoS) vulnerability and a directory traversal vulnerability. These vulnerabilities are independent of each other. Exploitation of these vulnerabilities could result in a DoS condition or an in...
9.8
CVSSv3
CVE-2023-38199
coreruleset (aka OWASP ModSecurity Core Rule Set) up to and including 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow malicious users to bypass a WAF with a crafted payload, aka "Content-Type confusion" between the WAF and...
Owasp Coreruleset
9.8
CVSSv3
CVE-2021-35368
OWASP ModSecurity Core Rule Set 3.1.x prior to 3.1.2, 3.2.x prior to 3.2.1, and 3.3.x prior to 3.3.2 is affected by a Request Body Bypass via a trailing pathname.
Owasp Owasp Modsecurity Core Rule Set
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »