Search Results (364922 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-37470 1 Nchsoftware 1 Webdictate 2024-11-21 5.4 Medium
In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript.
CVE-2021-37469 1 Nch 1 Webdictate 2024-11-21 6.5 Medium
In NCH WebDictate v2.13 and earlier, authenticated users can abuse logprop?file=/.. path traversal to read files on the filesystem.
CVE-2021-37468 1 Nch 1 Reflect Customer Relationship Management 2024-11-21 3.3 Low
NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files.
CVE-2021-37467 1 Nchsoftware 1 Quorum 2024-11-21 5.4 Medium
In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected).
CVE-2021-37466 1 Nchsoftware 1 Quorum 2024-11-21 5.4 Medium
In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected).
CVE-2021-37465 1 Nchsoftware 1 Quorum 2024-11-21 5.4 Medium
In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected).
CVE-2021-37464 1 Nchsoftware 1 Quorum 2024-11-21 5.4 Medium
In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored).
CVE-2021-37463 1 Nchsoftware 1 Quorum 2024-11-21 5.4 Medium
In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored).
CVE-2021-37462 1 Nchsoftware 1 Axon Pbx 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /ipblacklist?errorip= (reflected).
CVE-2021-37461 1 Nchsoftware 1 Axon Pbx 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected).
CVE-2021-37460 1 Nchsoftware 1 Axon Pbx 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected).
CVE-2021-37459 1 Nchsoftware 1 Axon Pbx 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored).
CVE-2021-37458 1 Nchsoftware 1 Axon Pbx 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored).
CVE-2021-37457 1 Nchsoftware 1 Axon Pbx 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored).
CVE-2021-37456 1 Nchsoftware 1 Axon Pbx 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address (stored).
CVE-2021-37455 1 Nchsoftware 1 Axon Pbx 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan (stored).
CVE-2021-37454 1 Nchsoftware 1 Axon Pbx 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored).
CVE-2021-37453 1 Nchsoftware 1 Axon Pbx 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored).
CVE-2021-37452 1 Nch 1 Quorum 2024-11-21 5.5 Medium
NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating to users by reading the local .dat configuration files.
CVE-2021-37451 1 Nchsoftware 1 Ivm Attendant 2024-11-21 5.4 Medium
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= (reflected).