Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
st14.2 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2017-16250
A vulnerability in Mitel ST 14.2, release GA28 and previous versions, could allow an malicious user to use the API function to enumerate through user-ids which could be used to identify valid user ids and associated user names.
Mitel St14.2
801
VMScore
CVE-2017-16251
A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and previous versions, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. Successful exploit could allow an malicious user to execute arbitr...
Mitel St14.2
1 Github repository
890
VMScore
CVE-2018-5781
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and previous versions, and Mitel ST 14.2, release GA28 and previous versions, could allow an unauthenticated malicious user to inject PHP code using specially crafted requests to the vendre...
Mitel Connect Onsite
Mitel St14.2
890
VMScore
CVE-2018-5779
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and previous versions, and Mitel ST 14.2, release GA28 and previous versions, could allow an unauthenticated malicious user to copy a malicious script into a newly generated PHP file and th...
Mitel St14.2
Mitel Connect Onsite
890
VMScore
CVE-2018-5780
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and previous versions, and Mitel ST 14.2, release GA28 and previous versions, could allow an unauthenticated malicious user to inject PHP code using specially crafted requests to the vnewme...
Mitel St14.2
Mitel Connect Onsite
890
VMScore
CVE-2018-5782
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and previous versions, and Mitel ST 14.2, release GA28 and previous versions, could allow an unauthenticated malicious user to inject PHP code using specially crafted requests to the vsetho...
Mitel St14.2
Mitel Connect Onsite
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started