Vulnerabilities > NCH
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-25 | CVE-2021-37439 | Path Traversal vulnerability in NCH Flexiserver NCH FlexiServer v6.00 suffers from a syslog?file=/.. | 4.0 |
| 2021-07-25 | CVE-2021-37440 | Path Traversal vulnerability in NCH Axon PBX 2.02 NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. | 4.0 |
| 2021-07-25 | CVE-2021-37441 | Path Traversal vulnerability in NCH Axon PBX 2.02 NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. | 6.5 |
| 2021-07-25 | CVE-2021-37452 | Cleartext Storage of Sensitive Information vulnerability in NCH Quorum NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating to users by reading the local .dat configuration files. | 2.1 |
| 2021-07-25 | CVE-2021-37468 | Cleartext Storage of Sensitive Information vulnerability in NCH Reflect Customer Relationship Management NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files. | 2.1 |
| 2021-07-25 | CVE-2021-37469 | Path Traversal vulnerability in NCH Webdictate In NCH WebDictate v2.13 and earlier, authenticated users can abuse logprop?file=/.. | 4.0 |
| 2018-06-01 | CVE-2018-11552 | Cross-site Scripting vulnerability in NCH Axon PBX 2.02 There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field. | 4.3 |
| 2018-06-01 | CVE-2018-11551 | Untrusted Search Path vulnerability in NCH Axon PBX 2.02 AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. | 9.3 |
| 2009-11-20 | CVE-2009-4038 | Cross-Site Scripting vulnerability in NCH Axon Virtual PBX 2.10/2.11 Multiple cross-site scripting (XSS) vulnerabilities in NCH Software Axon Virtual PBX 2.10 and 2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) onok or (2) oncancel parameter to the logon program. | 4.3 |