Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nchsoftware ivm attendant vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-37442
NCH IVM Attendant v5.12 and previous versions allows path traversal via viewfile?file=/.. to read files.
Nchsoftware Ivm Attendant
5.5
CVSSv2
CVE-2021-37443
NCH IVM Attendant v5.12 and previous versions allows path traversal via the logdeleteselected check0 parameter for file deletion.
Nchsoftware Ivm Attendant
6.5
CVSSv2
CVE-2021-37444
NCH IVM Attendant v5.12 and previous versions suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message functio...
Nchsoftware Ivm Attendant
3.5
CVSSv2
CVE-2021-37448
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and previous versions via the Mailbox name (stored).
Nchsoftware Ivm Attendant
3.5
CVSSv2
CVE-2021-37449
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and previous versions via /ogmlist?folder= (reflected).
Nchsoftware Ivm Attendant
3.5
CVSSv2
CVE-2021-37450
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and previous versions via /ogmprop?id= (reflected).
Nchsoftware Ivm Attendant
3.5
CVSSv2
CVE-2021-37451
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and previous versions via /msglist?mbx= (reflected).
Nchsoftware Ivm Attendant
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started