RSS   Vulnerabilities for 'Axon pbx'   RSS

2018-06-01
 
CVE-2018-11552

CWE-79
 

 
There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable application.

 
 
CVE-2018-11551

CWE-426
 

 
AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists because a DLL file is loaded by 'pbxsetup.exe' improperly.

 

 >>> Vendor: NCH 2 Products
Axon virtual pbx
Axon pbx


Copyright 2019, cxsecurity.com

 

Back to Top