20 matches found
CVE-2009-4038
Multiple cross-site scripting XSS vulnerabilities in NCH Software Axon Virtual PBX 2.10 and 2.11 allow remote attackers to inject arbitrary web script or HTML via the 1 onok or 2 oncancel parameter to the logon program. NOTE: the provenance of this information is unknown; the details are obtained...
EUVD-2009-4009
Malware in sbrugna...
EUVD-2025-22895
Malicious code in bioql PyPI...
CVE-2025-6918
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ncvav Virtual PBX Software allows SQL Injection.This issue affects Virtual PBX Software: before 09.07.2025...
CVE-2025-6918
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ncvav Virtual PBX Software allows SQL Injection.This issue affects Virtual PBX Software: before 09.07.2025...
CVE-2025-6918 SQLi in Ncvav's Virtual PBX Software
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ncvav Virtual PBX Software allows SQL Injection.This issue affects Virtual PBX Software: before 09.07.2025...
CVE-2025-6918 SQLi in Ncvav's Virtual PBX Software
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ncvav Virtual PBX Software allows SQL Injection.This issue affects Virtual PBX Software: before 09.07.2025...
CVE-2025-6918
Summary : CVE-2025-6918 is a SQL Injection vulnerability in Ncvav Virtual PBX Software caused by improper neutralization of special elements in SQL commands. Affected software/versions : earlier than 2025-09-07 (09.07.2025). Multiple sources (NVD, Red Hat, CVE list, CNNVD, PT Security) consistent...
Ncvav Virtual PBX Software SQL注入漏洞
Ncvav Virtual PBX Software is a telephone exchange system from the Turkish company Ncvav. A SQL injection vulnerability exists in Ncvav Virtual PBX Software versions prior to 2025.07.09, which stems from improper neutralization of special elements and is susceptible to SQL injection attacks...
PT-2025-31094 · Unknown · Ncvav Virtual Pbx
Name of the Vulnerable Software and Affected Versions: Ncvav Virtual PBX Software versions prior to 09.07.2025 Description: Ncvav Virtual PBX Software is susceptible to a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows for potential SQL...
Axon Virtual PBX Detection (HTTP)
HTTP based detection of Axon Virtual PBX. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.108033"...
Axon Virtual PBX < 2.13 /logon Multiple Parameter XSS
Binary data 5612.prm...
Axon Virtual PBX 2.13 Multiple Remote Vulnerabilities
NCH Software Axon virtual PBX is prone to multiple remote vulnerabilities, including: - A cross-site scripting vulnerability. - A cross-site request forgery vulnerability. - An arbitrary file deletion vulnerability. - A directory traversal vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG...
Axon Virtual PBX Multiple XSS Vulnerabilities
Axon Virtual PBX is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Axon Virtual PBX Version Detection (SIP)
This script performs SIP based detection of Axon Virtual PBX. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...
CVE-2009-4038
Multiple cross-site scripting XSS vulnerabilities in NCH Software Axon Virtual PBX 2.10 and 2.11 allow remote attackers to inject arbitrary web script or HTML via the 1 onok or 2 oncancel parameter to the logon program. NOTE: the provenance of this information is unknown; the details are obtained...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in NCH Software Axon Virtual PBX 2.10 and 2.11 allow remote attackers to inject arbitrary web script or HTML via the 1 onok or 2 oncancel parameter to the logon program. NOTE: the provenance of this information is unknown; the details are obtained...
CVE-2009-4038
Multiple cross-site scripting XSS vulnerabilities in NCH Software Axon Virtual PBX 2.10 and 2.11 allow remote attackers to inject arbitrary web script or HTML via the 1 onok or 2 oncancel parameter to the logon program. NOTE: the provenance of this information is unknown; the details are obtained...
CVE-2009-4038
CVE-2009-4038 affects Axon Virtual PBX (NCH Software) versions 2.10 and 2.11. The vulnerability is a multiple cross-site scripting (XSS) flaw in the /logon page where the attacker can supply unsanitized values via the parameters onok or oncancel , allowing remote injection of arbitrary HTML/JavaS...
Axon Virtual PBX /logon Multiple Parameter XSS
The remote web server is the internal web server component included with Axon Virtual PBX, a Windows application used to manage phone calls. The installed version of this web server fails to sanitize user- supplied input to the 'onok' parameter of the '/logon' script before using it to generate...