Vulnerabilities > NCH > Axon PBX > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-07-25 CVE-2021-37440 Path Traversal vulnerability in NCH Axon PBX 2.02
NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/..
network
low complexity
nch CWE-22
6.5
6.5
2018-06-01 CVE-2018-11552 Cross-site Scripting vulnerability in NCH Axon PBX 2.02
There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field.
network
low complexity
nch CWE-79
6.1
6.1