EUVD-2017-7445

Malware in sbrugna...

EUVD-2017-7446

Malware in sbrugna...

The vulnerability of the conference communication component of the Mitel ST 14.2 telecommunications system, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the conference communication component in Mitel ST 14.2 telecommunications systems is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

CVE-2018-12901

A vulnerability in the conferencing component of Mitel ST 14.2, versions GA29 19.49.9400.0 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the signin.php page. A successful exploit could allow an attack...

CVE-2018-12901

A vulnerability in the conferencing component of Mitel ST 14.2, versions GA29 19.49.9400.0 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the signin.php page. A successful exploit could allow an attack...

Mitel MiVoice Connect Cross-Site Scripting Vulnerability

Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the conference notificatio...

Mitel MiVoice Connect SQL Injection Vulnerability

Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Corporation of Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the...

Mitel MiVoice Connect Cross-Site Scripting Vulnerability (CNVD-2018-08581)

Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the conference notificatio...

CVE-2018-9102

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 21.84.5535.0 and earlier, and Mitel ST 14.2, versions GA27 19.49.5200.0 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for...

CVE-2018-9102

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 21.84.5535.0 and earlier, and Mitel ST 14.2, versions GA27 19.49.5200.0 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for...

CVE-2018-9101

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 21.84.5535.0 and earlier, and Mitel ST 14.2, versions GA27 19.49.5200.0 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient...

CVE-2018-9104

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 21.84.5535.0 and earlier, and Mitel ST 14.2, versions GA27 19.49.5200.0 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient...

Sql injection

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 21.84.5535.0 and earlier, and Mitel ST 14.2, versions GA27 19.49.5200.0 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for...

CVE-2018-9103

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 21.84.5535.0 and earlier, and Mitel ST 14.2, versions GA27 19.49.5200.0 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient...

Cross site scripting

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 21.84.5535.0 and earlier, and Mitel ST 14.2, versions GA27 19.49.5200.0 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient...

CVE-2018-9101

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 21.84.5535.0 and earlier, and Mitel ST 14.2, versions GA27 19.49.5200.0 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient...

CVE-2018-9101

Summary: CVE-2018-9101 is a reflected XSS vulnerability in the Mitel MiVoice Connect conferencing component. The issue affects Mitel MiVoice Connect versions R1707-PREM SP1 (21.84.5535.0) and earlier, and Mitel ST 14.2 GA27 (19.49.5200.0) and earlier. Root cause: insufficient validation on the la...

Mitel Connect ONSITE and Mitel ST conferencing component PHP vulnerability (CNVD-2018-07952)

Mitel Connect ONSITE and Mitel ST are both products of Mitel Corporation of Canada.Mitel Connect ONSITE is a unified communications management appliance.ST is a video conferencing product.conferencing component is one of the components with conferencing capabilities. A security vulnerability exis...

Mitel Connect ONSITE and Mitel ST conferencing component PHP vulnerability (CNVD-2018-07950)

Mitel Connect ONSITE and Mitel ST are both products of Mitel Corporation of Canada.Mitel Connect ONSITE is a unified communications management appliance.ST is a video conferencing product.conferencing component is one of the components with conferencing capabilities. A security vulnerability exis...

Mitel Connect ONSITE and Mitel ST conferencing component PHP vulnerabilities

Mitel Connect ONSITE and Mitel ST are both products of Mitel Corporation of Canada.Mitel Connect ONSITE is a unified communications management appliance.ST is a video conferencing product.conferencing component is one of the components with conferencing capabilities. A security vulnerability exis...