44 matches found
CVE-2008-6797
The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network...
EUVD-2020-23214
Malware in sbrugna...
EUVD-2008-6757
Malware in sbrugna...
CVE-2024-35287
A vulnerability in the NuPoint Messenger NPM component of Mitel MiCollab through version 9.8 SP1 9.8.1.5 could allow an authenticated attacker with administrative privilege to conduct a privilege escalation attack due to the execution of a resource with unnecessary privileges. A successful exploi...
CVE-2024-35286
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...
CVE-2024-35285
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization...
CVE-2020-25609
The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow an authenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to view and modify user data...
CVE-2020-35547
A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access view and modify to user data...
VulnCheck KEV: CVE-2024-35286
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...
CVE-2024-35285
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization...
CVE-2024-35286
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...
CVE-2024-35285
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization...
CVE-2024-35286
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...
CVE-2024-35287
A vulnerability in the NuPoint Messenger NPM component of Mitel MiCollab through version 9.8 SP1 9.8.1.5 could allow an authenticated attacker with administrative privilege to conduct a privilege escalation attack due to the execution of a resource with unnecessary privileges. A successful exploi...
CVE-2024-35286
CVE-2024-35286 describes a SQL injection in Mitel MiCollab’s NuPoint Messenger (NPM) up to version 9.8.0.33. An unauthenticated attacker can exploit insufficient input sanitization to read or modify data and perform arbitrary database/management operations. This has a high impact per CVSS 3.1 (CR...
CVE-2024-35285
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization...
CVE-2024-35285
Summary: CVE-2024-35285 affects Mitel MiCollab’s NuPoint Messenger (NPM) component. Affected products/versions: Mitel MiCollab NuPoint Messenger up to and including 9.8.0.33. Root cause: Insufficient parameter sanitization enabling an unauthenticated user to perform a command injection. Impact: U...
CVE-2024-35286
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...
CVE-2024-35287
A vulnerability in the NuPoint Messenger NPM component of Mitel MiCollab through version 9.8 SP1 9.8.1.5 could allow an authenticated attacker with administrative privilege to conduct a privilege escalation attack due to the execution of a resource with unnecessary privileges. A successful exploi...
CVE-2024-35286
A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...