Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crs vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-5440
Multiple PHP remote file inclusion vulnerabilities in CRS Manager allow remote malicious users to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter to (1) index.php or (2) login.php. NOTE: this issue is disputed by CVE, since DOCUMENT_ROOT cannot be modified by ...
Crs Manager Crs Manager
1 EDB exploit
641
VMScore
CVE-2015-2210
The help window in Epicor CRS Retail Store prior to 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell.
Epicor Crs Retail Store
507
VMScore
CVE-2016-6401
Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 and CRS-3 devices, allows remote malicious users to cause a denial of service (line-card reload) via crafted IPv6-over-MPLS packets, aka Bug ID CSCva32494.
Cisco Carrier Routing System 5.1 Base
Cisco Carrier Routing System 5.1.4
801
VMScore
CVE-2009-2047
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) prior to 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to read, modify, or delete arbitrary files via unspecified v...
Cisco Crs 4.5
Cisco Crs 5.0
Cisco Unified Ccx 4.5\\(2\\)
Cisco Unified Ccx 4.0\\(3\\)
Cisco Unified Ip Ivr 4.0
Cisco Unified Ip Ivr 4.1
Cisco Unified Ip Contact Center Express 6.0\\(1\\)
Cisco Unified Ip Contact Center Express 7.0
Cisco Crs 3.5
Cisco Crs 4.0
Cisco Crs 4.1
Cisco Unified Ccx 4.0\\(1\\)
Cisco Unified Ccx 4.5\\(1\\)
Cisco Unified Ip Ivr 3.1
Cisco Unified Ip Ivr 3.0
Cisco Unified Ip Contact Center Express 3.0
Cisco Unified Ip Contact Center Express 5.0\\(1\\)
Cisco Crs 6.0
Cisco Unified Ccx 7.0\\(1\\)
Cisco Unified Ccx 4.0\\(4\\)
Cisco Unified Ccx 4.0\\(5a\\)
Cisco Unified Ip Ivr 4.5
312
VMScore
CVE-2009-2048
Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) prior to 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX d...
Cisco Crs 7.0
Cisco Unified Ccx 6.0\\(1\\)
Cisco Unified Ccx 5.0\\(1\\)
Cisco Unified Ccx 3.5
Cisco Unified Ip Ivr 3.1
Cisco Unified Ip Ivr 7.0
Cisco Unified Ip Ivr 7.0\\(1\\)
Cisco Crs 4.1
Cisco Crs 4.5
Cisco Unified Ccx 4.5\\(2\\)
Cisco Unified Ccx 4.0\\(3\\)
Cisco Unified Ip Ivr 4.1
Cisco Unified Ip Ivr 4.5
Cisco Unified Ip Contact Center Express 6.0\\(1\\)
Cisco Unified Ip Contact Center Express 7.0
Cisco Customer Response Applications 3.5
Cisco Crs 3.5
Cisco Crs 4.0
Cisco Unified Ccx 4.0\\(1\\)
Cisco Unified Ccx 4.5\\(1\\)
Cisco Unified Ip Ivr 3.0
Cisco Unified Ip Ivr 4.0
632
VMScore
CVE-2013-5549
Cisco IOS XR 3.8.1 up to and including 4.2.0 does not properly process fragmented packets within the RP-A, RP-B, PRP, and DRP-B route-processor components, which allows remote malicious users to cause a denial of service (transmission outage) via (1) IPv4 or (2) IPv6 traffic, aka...
Cisco Ios Xr 4.0.1
Cisco Ios Xr 4.0.2
Cisco Ios Xr 4.0.3
Cisco Ios Xr 4.0.4
Cisco Ios Xr 3.8.1
Cisco Ios Xr 3.8.2
Cisco Ios Xr 3.8.3
Cisco Ios Xr 3.8.4
Cisco Ios Xr 3.9.1
Cisco Ios Xr 4.0.0
Cisco Ios Xr 4.1
Cisco Ios Xr 4.1.2
Cisco Ios Xr 3.9.0
Cisco Ios Xr 3.9.2
Cisco Ios Xr 4.1.1
Cisco Ios Xr 4.2.0
694
VMScore
CVE-2015-0769
Cisco IOS XR 4.0.1 up to and including 4.2.0 for CRS-3 Carrier Routing System allows remote malicious users to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546.
Cisco Ios Xr Software 4.1 Base
Cisco Ios Xr Software 4.1.0
Cisco Ios Xr Software 4.2.0
Cisco Ios Xr Software 4.1.1
Cisco Ios Xr Software 4.1.2
Cisco Ios Xr Software 4.0.1
Cisco Ios Xr Software 4.0.3
Cisco Ios Xr Software 4.0.11
Cisco Ios Xr Software 4.0.2
Cisco Ios Xr Software 4.0.4
1 Article
NA
CVE-2010-1569
Cisco Unified Contact Center Express (UCCX or Unified CCX) contains a denial of service (DoS) vulnerability and a directory traversal vulnerability. These vulnerabilities are independent of each other. Exploitation of these vulnerabilities could result in a DoS condition or an in...
NA
CVE-2023-38199
coreruleset (aka OWASP ModSecurity Core Rule Set) up to and including 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow malicious users to bypass a WAF with a crafted payload, aka "Content-Type confusion" between the WAF and...
Owasp Coreruleset
668
VMScore
CVE-2021-35368
OWASP ModSecurity Core Rule Set 3.1.x prior to 3.1.2, 3.2.x prior to 3.2.1, and 3.3.x prior to 3.3.2 is affected by a Request Body Bypass via a trailing pathname.
Owasp Owasp Modsecurity Core Rule Set
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »