NCH IVM Attendant Cross-Site Scripting Vulnerability (CNVD-2021-55903)

NCH IVM Attendant is a complete voicemail, call attendant and IVR solution for Windows. a security vulnerability exists in NCH IVM Attendant due to a lack of comprehensive input validation, which can be exploited by an authenticated attacker to inject a JavaScript cross-site scripting payload int...

Cenroll ActiveX Control allows creation of arbitrary files.

Overview The ActiveX control Cenroll permits unauthorized users to create files on the local system. Description The ActiveX control "Cenroll" clsid: 43F8F289-7A20-11D0-8F06-00C04FC295E1, which is ordinarily marked safe-for-scripting allows callers to create files and write to the registry with t...