Vulnerabilities > NCH > Axon PBX

DATE CVE VULNERABILITY TITLE RISK
2021-07-25 CVE-2021-37440 Path Traversal vulnerability in NCH Axon PBX 2.02
NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/..
network
low complexity
nch CWE-22
6.5
6.5
2021-07-25 CVE-2021-37441 Path Traversal vulnerability in NCH Axon PBX 2.02
NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/..
network
low complexity
nch CWE-22
8.8
8.8
2018-06-01 CVE-2018-11552 Cross-site Scripting vulnerability in NCH Axon PBX 2.02
There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field.
network
low complexity
nch CWE-79
6.1
6.1
2018-06-01 CVE-2018-11551 Untrusted Search Path vulnerability in NCH Axon PBX 2.02
AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
local
low complexity
nch CWE-426
7.8
7.8