Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2017-14536

Disclosure Date: February 16, 2018 (last updated November 26, 2024)
trixbox 2.8.0.4 has XSS via the PATH_INFO to /maint/index.php or /user/includes/language/langChooser.php.
0
0
Attacker Value
Unknown

CVE-2017-14537

Disclosure Date: February 16, 2018 (last updated November 26, 2024)
trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2017-14535

Disclosure Date: February 16, 2018 (last updated November 26, 2024)
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0