Vulnerabilities > Zenitel

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-15	CVE-2021-40845	Unrestricted Upload of File with Dangerous Type vulnerability in Zenitel Alphacom XE Audio Server The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. network low complexity zenitel CWE-434	8.8
2018-12-06	CVE-2018-19927	Cross-site Scripting vulnerability in Zenitel Ip-Stationweb Firmware Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS via the Display Name for Station Status or Account Settings, related to the goform/zForm_save_changes sip_nick parameter. network low complexity zenitel CWE-79	4.8
2018-12-06	CVE-2018-19926	Cross-site Scripting vulnerability in Zenitel Ip-Stationweb Firmware Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected XSS via the goform/ PATH_INFO. network low complexity zenitel CWE-79	6.1

Vulnerabilities > Zenitel {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zenitel"}]}