Filtered by vendor Nchsoftware Subscriptions
Filtered by product Quorum Subscriptions
Total 8 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-37467 1 Nchsoftware 1 Quorum 2024-11-21 5.4 Medium
In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected).
CVE-2021-37466 1 Nchsoftware 1 Quorum 2024-11-21 5.4 Medium
In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected).
CVE-2021-37465 1 Nchsoftware 1 Quorum 2024-11-21 5.4 Medium
In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected).
CVE-2021-37464 1 Nchsoftware 1 Quorum 2024-11-21 5.4 Medium
In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored).
CVE-2021-37463 1 Nchsoftware 1 Quorum 2024-11-21 5.4 Medium
In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored).
CVE-2021-37447 1 Nchsoftware 1 Quorum 2024-11-21 8.1 High
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion.
CVE-2021-37446 1 Nchsoftware 1 Quorum 2024-11-21 4.3 Medium
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading.
CVE-2021-37445 1 Nchsoftware 1 Quorum 2024-11-21 6.5 Medium
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading.