21 matches found
EUVD-2023-37910
Malicious code in bioql PyPI...
CVE-2023-33760
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...
CVE-2023-33758
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
CVE-2023-33760
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...
CVE-2023-33758
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
Authentication flaw
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
Cross site scripting
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33758
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
PT-2024-12441 · Splicecom · Splicecom Maximiser Soft Pbx
Name of the Vulnerable Software and Affected Versions: SpliceCom Maximiser Soft PBX versions 1.5 and before Description: The issue allows attackers to eavesdrop on communications via a man-in-the-middle attack because the software utilizes a default SSL certificate. Recommendations: For SpliceCom...
SpliceCom Maximiser Soft PBX Security Breach
Splicecom Maximiser Soft PBX is an IP phone. A security vulnerability exists in SpliceCom Maximiser Soft PBX v1.5 version and prior versions, which stems from Unrestricted Excessive Authentication Attempts UEAL, which allows an attacker to bypass authentication via brute force attack...
CVE-2023-33758
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...
SpliceCom Maximiser Soft PBX Security Breach
Splicecom Maximiser Soft PBX is an IP phone. A security vulnerability exists in SpliceCom Maximiser Soft PBX v1.5 version and earlier versions, which stems from the use of default SSL certificates...
PT-2024-12440 · Splicecom · Splicecom Maximiser Soft Pbx
Name of the Vulnerable Software and Affected Versions: SpliceCom Maximiser Soft PBX versions 1.5 and before Description: The issue allows attackers to bypass authentication via a brute force attack due to the lack of restriction on excessive authentication attempts. Recommendations: For SpliceCom...
Splicecom Maximiser Soft PBX Security Breach
Splicecom Maximiser Soft PBX is an IP phone. A security vulnerability exists in Splicecom Maximiser Soft PBX v1.5 and prior versions, which stems from a cross-site scripting XSS vulnerability in the CLIENTNAME and DEVICEGUID fields in the login component...
CVE-2023-33759
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...
PT-2024-12439 · Splicecom · Splicecom Maximiser Soft Pbx
Name of the Vulnerable Software and Affected Versions: Splicecom Maximiser Soft PBX versions 1.5 and earlier Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability can be exploited via the CLIENT NAME and DEVICE GUID fields in the login component...
CVE-2023-33760
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack...