Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Ivm attendant'
2021-07-25
CVE-2021-37442
CWE-22
NCH IVM Attendant v5.12 and earlier allows path traversal via viewfile?file=/.. to read files.
CVE-2021-37443
CWE-22
NCH IVM Attendant v5.12 and earlier allows path traversal via the logdeleteselected check0 parameter for file deletion.
CVE-2021-37444
CWE-22
NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the the inbuilt Autodial function.
CVE-2021-37450
CWE-79
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmprop?id= (reflected).
CVE-2021-37451
CWE-79
Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= (reflected).
>>>
Vendor:
Nchsoftware
7
Produkty
Meo encryption software
Axon pbx
Express invoice
Express accounts
Ivm attendant
Quorum
Webdictate
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Ivm attendant' 
Polish
English