Lucene search
+L

26 matches found

Vulnrichment
Vulnrichment
added 2024/01/25 12:0 a.m.5 views

CVE-2023-33758

Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting XSS vulnerability via the CLIENTNAME and DEVICEGUID fields in the login component...

6AI score0.0037EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/01/25 12:0 a.m.5 views

SpliceCom Maximiser Soft PBX Security Breach

Splicecom Maximiser Soft PBX is an IP phone. A security vulnerability exists in SpliceCom Maximiser Soft PBX v1.5 version and prior versions, which stems from Unrestricted Excessive Authentication Attempts UEAL, which allows an attacker to bypass authentication via brute force attack...

9.8CVSS7AI score0.00799EPSS
Exploits1References2
CVE
CVE
added 2024/01/25 12:0 a.m.35 views

CVE-2023-33758

Splicecom Maximiser Soft PBX v1.5 and earlier is affected by a cross-site scripting (XSS) vulnerability in the login component, exploitable via the CLIENT_NAME and DEVICE_GUID fields. The issue is documented across multiple sources (NVD/Red Hat/CVE lists) with a CVSSv3.1 base score of 6.1 (MEDIUM...

6.1CVSS6AI score0.0037EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/01/25 12:0 a.m.32 views

CVE-2023-33759

SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack...

9.7AI score0.00799EPSS
Exploits1References1
CVE
CVE
added 2024/01/25 12:0 a.m.49 views

CVE-2023-33760

The CVE-2023-33760 entry concerns SpliceCom Maximiser Soft PBX, affected in version 1.5 and earlier. The root cause is the use of a default SSL certificate, which enables man-in-the-middle eavesdropping on communications. Impact is limited to confidentiality (C:H) with no integrity or availabilit...

5.3CVSS5.2AI score0.00276EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/25 12:0 a.m.9 views

PT-2024-12439 · Splicecom · Splicecom Maximiser Soft Pbx

Name of the Vulnerable Software and Affected Versions: Splicecom Maximiser Soft PBX versions 1.5 and earlier Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability can be exploited via the CLIENT NAME and DEVICE GUID fields in the login component...

6.1CVSS5.9AI score0.0037EPSS
Exploits1References5
Rows per page
Query Builder