78 matches found
EUVD-2021-24010
Malware in sbrugna...
EUVD-2021-24030
Malware in sbrugna...
EUVD-2021-24028
Malware in sbrugna...
EUVD-2021-24011
Malware in sbrugna...
EUVD-2021-24017
Malware in sbrugna...
EUVD-2021-24029
Malware in sbrugna...
EUVD-2021-24032
Malware in sbrugna...
EUVD-2021-24012
Malware in sbrugna...
EUVD-2021-24031
Malware in sbrugna...
CVE-2021-37466
In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= reflected...
CVE-2021-37465
In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= reflected...
CVE-2021-37464
In NCH Quorum v2.03 and earlier, XSS exists via Conference Description stored...
CVE-2021-37467
In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= reflected...
CVE-2021-37452
NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating to users by reading the local .dat configuration files...
CVE-2021-37463
In NCH Quorum v2.03 and earlier, XSS exists via User Display Name stored...
CVE-2021-37447
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion...
CVE-2021-37446
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading...
CVE-2021-37445
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading...
NCH Quorum Cross-Site Scripting Vulnerability
NCH Quorum is a teleconference server software. It can turn any computer into a conference call server. A cross-site scripting vulnerability exists in NCH Quorum, which stems from the product's /conferencebrowseuploadfile?confid=failure to properly handle user input data and can be exploited to...
NCH Quorum Cross-Site Scripting Vulnerability (CNVD-2021-55898)
NCH Quorum is a teleconference server software. It can turn any computer into a conference call server. A cross-site scripting vulnerability exists in NCH Quorum, which could be exploited by attackers to steal cookie-based authentication credentials from victims...