CVE-2023-25599

A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2, 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the testpresenter.php page. A successful exploit could allow an...

EUVD-2018-17547

Malware in sbrugna...

EUVD-2017-7446

Malware in sbrugna...

EUVD-2018-17546

Malware in sbrugna...

CVE-2022-36452

A vulnerability in the web conferencing component of Mitel MiCollab through 9.5.0.101 could allow an unauthenticated attacker to upload malicious files. A successful exploit could allow an attacker to execute arbitrary code within the context of the application...

CVE-2019-19607

A SQL injection vulnerability in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the session parameter. A successful exploit could allow an attacker to extract sensitive information from the databas...

CVE-2024-41712

A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow an authenticated attacker to conduct a command injection attack, due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary commands on the system...

PT-2024-7508 · Mitel · Mitel Micollab

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions prior to 9.8 SP1 FP2 9.8.1.201 Description: A vulnerability in the AWV Conferencing component could allow an unauthenticated attacker to perform unauthorized data-access attacks due to missing authentication mechanisms...

PT-2024-7481 · Mitel · Mitel Micollab

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions through 9.8.1.5 Description: The issue is related to insufficient validation of user input in the Web Conferencing Component, allowing an authenticated attacker to conduct a command injection attack. This could enable ...

CVE-2023-25598

A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the home.php page. A successful...

CVE-2023-25598

A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the home.php page. A successful...

Cross site scripting

A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the home.php page. A successful...

CVE-2023-25598

Summary: CVE-2023-25598 affects Mitel MiVoice Connect, exploiting insufficient validation on the home.php page to enable reflected cross-site scripting (XSS) by an unauthenticated attacker. Affected versions: MiVoice Connect up to 19.3 SP2, and 20.x, 21.x, and 22.x (up to 22.24.1500.0). Impact: a...

CVE-2023-25598

A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the home.php page. A successful...

Mitel ShoreTel conferencing component cross-site scripting vulnerability

Mitel Connect Mitel ShoreTel is a software for office communication from Mitel Canada. The software provides access to corporate contacts, support for selecting contacts to open meetings, and an interface to manage calls and voicemail. A cross-site scripting vulnerability exists in the conferenci...

CVE-2018-12901

A vulnerability in the conferencing component of Mitel ST 14.2, versions GA29 19.49.9400.0 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the signin.php page. A successful exploit could allow an attack...

Cross site scripting

A vulnerability in the conferencing component of Mitel ST 14.2, versions GA29 19.49.9400.0 and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting XSS attack due to insufficient validation for the signin.php page. A successful exploit could allow an attack...

Mitel MiVoice Connect Cross-Site Scripting Vulnerability (CNVD-2018-08581)

Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the conference notificatio...

Mitel MiVoice Connect Cross-Site Scripting Vulnerability (CNVD-2018-08583)

Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the conference notificatio...

Mitel MiVoice Connect SQL Injection Vulnerability

Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Corporation of Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the...