Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nchsoftware vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-13473
NCH Express Accounts 8.24 and previous versions allows local users to discover the cleartext password by reading the configuration file.
Nchsoftware Express Accounts
4.8
CVSSv3
CVE-2020-13476
NCH Express Invoice 8.06 to 8.24 is vulnerable to Reflected XSS in the Quotes List module.
Nchsoftware Express Invoice
8.8
CVSSv3
CVE-2021-37444
NCH IVM Attendant v5.12 and previous versions suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message functio...
Nchsoftware Ivm Attendant
5.4
CVSSv3
CVE-2021-37449
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and previous versions via /ogmlist?folder= (reflected).
Nchsoftware Ivm Attendant
5.4
CVSSv3
CVE-2021-37455
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and previous versions via the outbound dialing plan (stored).
Nchsoftware Axon Pbx
5.4
CVSSv3
CVE-2021-37457
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and previous versions via the SipRule field (stored).
Nchsoftware Axon Pbx
5.4
CVSSv3
CVE-2021-37459
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and previous versions via the customer name field (stored).
Nchsoftware Axon Pbx
5.4
CVSSv3
CVE-2021-37461
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and previous versions via /extensionsinstruction?id= (reflected).
Nchsoftware Axon Pbx
6.5
CVSSv3
CVE-2021-37442
NCH IVM Attendant v5.12 and previous versions allows path traversal via viewfile?file=/.. to read files.
Nchsoftware Ivm Attendant
8.1
CVSSv3
CVE-2021-37443
NCH IVM Attendant v5.12 and previous versions allows path traversal via the logdeleteselected check0 parameter for file deletion.
Nchsoftware Ivm Attendant
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »