Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Axon Pbx Security Vulnerabilities

cve
cve

CVE-2018-11551

AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists because a DLL file is loaded by 'pbxsetup.exe' improperly.

7.8CVSS

7.9AI Score

0.009EPSS

2018-06-01 05:29 PM
17
cve
cve

CVE-2018-11552

There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable...

6.1CVSS

6.2AI Score

0.003EPSS

2018-06-01 05:29 PM
16
cve
cve

CVE-2021-37440

NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. substring.

6.5CVSS

6.4AI Score

0.001EPSS

2021-07-25 10:15 PM
43
8
cve
cve

CVE-2021-37441

NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. substring.

8.8CVSS

8.7AI Score

0.001EPSS

2021-07-25 10:15 PM
45
4
cve
cve

CVE-2021-37453

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored).

5.4CVSS

5.3AI Score

0.001EPSS

2021-07-25 09:15 PM
36
2
cve
cve

CVE-2021-37454

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored).

5.4CVSS

5.3AI Score

0.001EPSS

2021-07-25 09:15 PM
37
4
cve
cve

CVE-2021-37455

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan (stored).

5.4CVSS

5.3AI Score

0.001EPSS

2021-07-25 09:15 PM
38
2
cve
cve

CVE-2021-37456

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address (stored).

5.4CVSS

5.3AI Score

0.001EPSS

2021-07-25 09:15 PM
35
5
cve
cve

CVE-2021-37457

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored).

5.4CVSS

5.3AI Score

0.001EPSS

2021-07-25 09:15 PM
38
5
cve
cve

CVE-2021-37458

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored).

5.4CVSS

5.3AI Score

0.001EPSS

2021-07-25 09:15 PM
39
7
cve
cve

CVE-2021-37459

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored).

5.4CVSS

5.3AI Score

0.001EPSS

2021-07-25 09:15 PM
41
6
cve
cve

CVE-2021-37460

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected).

5.4CVSS

5.3AI Score

0.001EPSS

2021-07-25 09:15 PM
37
6
cve
cve

CVE-2021-37461

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected).

5.4CVSS

5.3AI Score

0.001EPSS

2021-07-25 09:15 PM
38
6
cve
cve

CVE-2021-37462

Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /ipblacklist?errorip= (reflected).

5.4CVSS

5.3AI Score

0.001EPSS

2021-07-25 09:15 PM
45
6