Search Results | AttackerKB

34 Total Results

Displaying 11-20 of 34

Attacker Value

Unknown

CVE-2021-37451

Disclosure Date: July 25, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= (reflected).

Attacker Value

Unknown

CVE-2021-37460

Disclosure Date: July 25, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected).

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-37458

Disclosure Date: July 25, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored).

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-37454

Disclosure Date: July 25, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored).

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-37453

Disclosure Date: July 25, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored).

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-37455

Disclosure Date: July 25, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan (stored).

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-37457

Disclosure Date: July 25, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored).

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-37450

Disclosure Date: July 25, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmprop?id= (reflected).

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-37462

Disclosure Date: July 25, 2021 (last updated February 23, 2025)

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /ipblacklist?errorip= (reflected).

Attack Vector: Network Privileges: Low User Interaction: Required

Attacker Value

Unknown

CVE-2021-37463

Disclosure Date: July 25, 2021 (last updated February 23, 2025)

In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored).

Attack Vector: Network Privileges: Low User Interaction: Required

34 Total Results

Displaying 11-20 of 34

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Quick Cookie Notification