Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
πŸ”₯ Daily Hot!
πŸ’ͺ🏽 CPE Enhanced Advisories
πŸ•Ά Shadow Exploits
πŸ•΅πŸΌ Vulners CPE
πŸ” Security news
πŸ’» Exploit updates
πŸ“‘ Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
πŸ€– AI High Score
πŸ“° CVE Feed
show all

3 matches found

CVE
CVEβ€’added 2023/08/14 12:0 a.m.β€’50 views

CVE-2023-39292

Vulnerability summary (CVE-2023-39292): In MiVoice Office 400 SMB Controller, SQL Injection affects versions up to and including 1.2.5.23. The issue could allow an attacker to access sensitive data and perform arbitrary database/management operations. Root cause: SQL injection in the controller’s...

9.8CVSS9.6AI score0.00344EPSS
Exploits0References1Affected Software2
CVE
CVEβ€’added 2023/08/14 12:0 a.m.β€’42 views

CVE-2023-39293

The CVE-2023-39293 entry concerns a Command Injection vulnerability in Mitel MiVoice Office 400 SMB Controller (affected up to version 1.2.5.23). Exploitation could allow an attacker to execute arbitrary commands in the system context via network access (no user interaction). Public disclosures a...

9.8CVSS9.8AI score0.00756EPSS
Exploits0References1Affected Software2
CVE
CVEβ€’added 2018/10/23 9:0 p.m.β€’41 views

CVE-2018-16226

Affected product: Mitel MiVoice Office 400 web admin component. Vulnerability: reflected cross-site scripting (XSS) due to insufficient validation on the start.asp page in versions R5.0 HF3 (v8839a1) and earlier. Impact: unauthenticated attacker could execute arbitrary scripts and access sensitiv...

6.1CVSS6.1AI score0.00231EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder