15 matches found
EUVD-2023-37910
Malicious code in bioql PyPI...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
CVE-2023-33758
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting (XSS) vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
CVE-2023-33760
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...
Design/Logic Flaw
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...
Authentication flaw
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
Cross site scripting
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting (XSS) vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33758
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting (XSS) vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33760
The CVE-2023-33760 entry concerns SpliceCom Maximiser Soft PBX, affected in version 1.5 and earlier. The root cause is the use of a default SSL certificate, which enables man-in-the-middle eavesdropping on communications. Impact is limited to confidentiality (C:H) with no integrity or availabilit...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
CVE-2023-33759
CVE-2023-33759 affects SpliceCom Maximiser Soft PBX, specifically versions 1.5 and earlier. The root cause is a lack of restriction on excessive authentication attempts, enabling brute-force authentication bypass. The vulnerability is rated with a high severity (CVSS v3.1: 9.8, Network vector, un...
CVE-2023-33760
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
PT-2024-12439 · Splicecom · Splicecom Maximiser Soft Pbx
Name of the Vulnerable Software and Affected Versions: Splicecom Maximiser Soft PBX versions 1.5 and earlier. Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability can be exploited via the CLIENT NAME and DEVICE GUID fields in the login component...