61 matches found
EUVD-2021-24013
Malware in sbrugna...
EUVD-2021-24015
Malware in sbrugna...
EUVD-2021-24007
Malware in sbrugna...
EUVD-2021-24016
Malware in sbrugna...
EUVD-2021-24009
Malware in sbrugna...
EUVD-2021-24008
Malware in sbrugna...
EUVD-2021-24014
Malware in sbrugna...
CVE-2021-37444
NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the the inbuilt...
CVE-2021-37443
NCH IVM Attendant v5.12 and earlier allows path traversal via the logdeleteselected check0 parameter for file deletion...
CVE-2021-37442
NCH IVM Attendant v5.12 and earlier allows path traversal via viewfile?file=/.. to read files...
CVE-2021-37448
Cross Site Scripting XSS exists in NCH IVM Attendant v5.12 and earlier via the Mailbox name stored...
CVE-2021-37451
Cross Site Scripting XSS exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= reflected...
CVE-2021-37450
Cross Site Scripting XSS exists in NCH IVM Attendant v5.12 and earlier via /ogmprop?id= reflected...
NCH IVM Attendant Cross-Site Scripting Vulnerability (CNVD-2021-55901)
NCH IVM Attendant is a complete voicemail, call attendant and IVR solution for Windows. a security vulnerability exists in NCH IVM Attendant due to a lack of comprehensive input validation, which can be exploited by an authenticated attacker to inject a JavaScript cross-site scripting payload int...
NCH IVM Attendant Directory Traversal Vulnerability (CNVD-2021-55908)
NCH IVM Attendant is a complete voicemail, call attendant and IVR solution for Windows.A security vulnerability exists in NCH IVM Attendant, which could be exploited by an attacker to delete files by traversing the path with the logdeleteselected check0 parameter...
NCH IVM Attendant Cross-Site Scripting Vulnerability (CNVD-2021-55902)
NCH IVM Attendant is a complete voicemail, call attendant and IVR solution for Windows. a security vulnerability exists in NCH IVM Attendant due to a lack of comprehensive input validation, which can be exploited by an authenticated attacker to inject a JavaScript cross-site scripting payload int...
NCH IVM Attendant Directory Traversal Vulnerability
NCH IVM Attendant is a complete voicemail, call attendant, and IVR solution for Windows.A security vulnerability in NCH IVM Attendant allows an authenticated attacker to exploit a user's access to a directory via viewfile?file=/... using directory traversal...
NCH IVM Attendant Cross-Site Scripting Vulnerability
NCH IVM Attendant is an application of nch. A cross-site scripting vulnerability exists in NCH IVM Attendant, which stems from the product's Mailbox name failing to properly filter incoming data for special characters, and could be exploited by attackers to execute client-side code...
NCH IVM Attendant Cross-Site Scripting Vulnerability (CNVD-2021-55903)
NCH IVM Attendant is a complete voicemail, call attendant and IVR solution for Windows. a security vulnerability exists in NCH IVM Attendant due to a lack of comprehensive input validation, which can be exploited by an authenticated attacker to inject a JavaScript cross-site scripting payload int...
NCH IVM Attendant Remote Code Execution Vulnerability
NCH IVM Attendant is a complete voicemail, call attendant, and IVR solution for Windows.A security vulnerability exists in NCH IVM Attendant, which stems from the fact that if the pathname of a ZIP element is set to the Windows startup folder, a file with a built-in Out-Going Message function, or...