CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Dialogic PowerMedia XMS is a highly scalable, software-only media server that supports standards-based, real-time multimedia communication solutions for mobile and broadband environments. An XML external entity injection vulnerability exists in the Web services in Dialogic PowerMedia XMS 3.5 and...

9.1CVSS9.2AI score0.00633EPSS

Exploits1References1

CNVD•added 2018/07/04 12:0 a.m.•2 views

Dialogic PowerMedia XMS Password Plaintext Storage Vulnerability

Dialogic PowerMedia XMS is a suite of software multimedia servers for real-time communications from Dialogic, Inc. that provide real-time multimedia communication solutions for IMS, MRF, enterprise and WebRTC applications. A security vulnerability in the management console in Dialogic PowerMedia...

7.8CVSS7.6AI score0.00054EPSS

Exploits1References1

CNVD•added 2018/07/04 12:0 a.m.•1 views

Dialogic PowerMedia XMS Privilege Assignment Vulnerability

Dialogic PowerMedia XMS is a suite of software multimedia servers for real-time communications from Dialogic, Inc. that provide real-time multimedia communication solutions for IMS, MRF, enterprise and WebRTC applications. A privilege assignment vulnerability in Dialogic PowerMedia XMS 3.5 and...

7.8CVSS7.8AI score0.00046EPSS

Exploits1References1

CNVD•added 2018/07/04 12:0 a.m.•2 views

Dialogic PowerMedia XMS password plaintext storage vulnerability (CNVD-2019-19212)

Dialogic PowerMedia XMS is a suite of software multimedia servers for real-time communications from Dialogic, Inc. that provide real-time multimedia communication solutions for IMS, MRF, enterprise and WebRTC applications. A password plaintext storage vulnerability exists in the...

8.1CVSS8.3AI score0.00451EPSS

Exploits1References1

CNVD•added 2018/07/04 12:0 a.m.•1 views

Dialogic PowerMedia XMS Cross-Site Request Forgery Vulnerability

Dialogic PowerMedia XMS is a highly scalable, software-only media server that supports standards-based, real-time multimedia communication solutions for mobile and broadband environments. A cross-site request forgery vulnerability exists in the management console of Dialogic PowerMedia XMS 3.5 an...

8.8CVSS8.8AI score0.00204EPSS

Exploits1References1

CNVD•added 2018/07/04 12:0 a.m.•2 views

Dialogic PowerMedia XMS Information Disclosure Vulnerability

Dialogic PowerMedia XMS is a highly scalable, software-only media server that supports standards-based, real-time multimedia communication solutions for mobile and broadband environments. An information disclosure vulnerability exists in the management console of Dialogic PowerMedia XMS 3.5 and...

7.5CVSS7.3AI score0.00358EPSS

Exploits1References1

CNVD•added 2018/07/04 12:0 a.m.•2 views

Dialogic PowerMedia XMS Hardcoded Credentials Vulnerability

9.8CVSS9.5AI score0.00743EPSS

Exploits1References1

CNVD•added 2018/07/04 12:0 a.m.•1 views

Dialogic PowerMedia XMS File Unrestricted Upload Vulnerability

9CVSS7.3AI score0.02265EPSS

Exploits1References1

OSV•added 2018/07/03 5:29 p.m.•1 views

CVE-2018-11643

SQL injection vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to execute arbitrary SQL commands via the filterPattern parameter...

8.8CVSS6.1AI score

Exploits0References1

Prion•added 2018/07/03 5:29 p.m.•16 views

Default credentials

Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin.php in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to access a user's password in cleartext...

4.3CVSS8.1AI score0.00451EPSS

Exploits1References1Affected Software1

OSV•added 2018/07/03 5:29 p.m.•2 views

CVE-2018-11637

Information leakage vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to read arbitrary files from the /var/ directory because a symlink exists under the web root...

7.5CVSS5.9AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by