Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nchsoftware vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2021-37450
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and previous versions via /ogmprop?id= (reflected).
Nchsoftware Ivm Attendant
312
VMScore
CVE-2021-37453
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and previous versions via the extension name (stored).
Nchsoftware Axon Pbx
312
VMScore
CVE-2021-37459
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and previous versions via the customer name field (stored).
Nchsoftware Axon Pbx
312
VMScore
CVE-2021-37460
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and previous versions via /planprop?id= (reflected).
Nchsoftware Axon Pbx
312
VMScore
CVE-2021-37462
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and previous versions via /ipblacklist?errorip= (reflected).
Nchsoftware Axon Pbx
356
VMScore
CVE-2020-13474
In NCH Express Accounts 8.24 and previous versions, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users.
Nchsoftware Express Accounts
356
VMScore
CVE-2021-37442
NCH IVM Attendant v5.12 and previous versions allows path traversal via viewfile?file=/.. to read files.
Nchsoftware Ivm Attendant
578
VMScore
CVE-2021-37444
NCH IVM Attendant v5.12 and previous versions suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message functio...
Nchsoftware Ivm Attendant
312
VMScore
CVE-2021-37448
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and previous versions via the Mailbox name (stored).
Nchsoftware Ivm Attendant
312
VMScore
CVE-2021-37454
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and previous versions via the line name (stored).
Nchsoftware Axon Pbx
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »