9 matches found
EUVD-2018-7481
Malware in sbrugna...
O2OA 信息泄露漏洞
LanDe Network O2oa is an Oa office system from LanDe Network China. An information disclosure vulnerability exists in O2OA 20240403 and prior versions, which stems from an unknown function in the file /xportal that can lead to information disclosure...
CVE-2018-15614
A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. Affected versions of IP Office include 10.0 through 10.1 SP3 and 11...
CVE-2018-15614 IP Office one-X Portal XSS
A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. Affected versions of IP Office include 10.0 through 10.1 SP3 and 11...
CVE-2018-15614
The CVE-2018-15614 entry concerns a stored cross-site scripting (XSS) vulnerability in the one-X Portal component of Avaya IP Office. The issue allows an authenticated user to inject XSS via fields in the Conference Scheduler Service, potentially affecting other application users. Affected versio...
CVE-2018-15610
A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 through 9.1 SP12, 10.0 through 10.0 SP7, and 10.1 through 10.1 SP2...
CVE-2018-15610 Improper access controls in IP Office one-X Portal
A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 through 9.1 SP12, 10.0 through 10.0 SP7, and 10.1 through 10.1 SP2...
CVE-2018-15610
CVE-2018-15610 affects Avaya IP Office, specifically the one-X Portal component. An authenticated attacker can read and delete arbitrary files on the system. Affected versions include 9.1 (9.1 SP12) and 10.x (10.0 SP7, 10.1 SP2). The available documentation states the vulnerability and impacted s...
Avaya one-X 9.x / 10.0.x / 10.1.x Arbitrary File Disclosure / Deletion
=============================== - Advisory - =============================== Tittle: one-X portal arbitrary OS file access Risk: High Date: 07.Ago.2018 Author: Pedro Andujar Twitter: @pandujar .: INTRO : one-X Portal for IP Office is an application that runs on a web server connected to the IP...