RSS   Vulnerabilities for 'Commsy'   RSS

2019-05-22
 
CVE-2019-11880

CWE-89
 
 
CommSy through 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2.

 
2018-01-03
 
CVE-2017-1000496

CWE-611
 
 
Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality resulting in denial of service and possibly remote execution of code.

 

Copyright 2024, cxsecurity.com

 

Back to Top