3 matches found
CVE-2008-6894
3CX Phone System for Windows (Free Edition) versions 6.1793 and 6.0.806.0 are affected by multiple XSS in login.php, exploitable via the fName and fPassword parameters. The underlying issue is insufficient input sanitization that allows an unauthenticated remote attacker to inject arbitrary HTML/...
CVE-2008-6895
CVE-2008-6895 affects 3CX Phone System 6.0.806.0. The vulnerability enables remote attackers to cause a denial of service (unstable service or crash) via unspecified vectors, as demonstrated by Nessus/SAINT scans. The NVD metrics show a CVSSv2 base score of 7.8 (HIGH) with network access, no auth...
CVE-2008-6896
CVE-2008-6896 affects the 3CX Phone System (version 6.0.806.0). When disk usage reaches 100%, remote attackers can obtain sensitive information that reveals the installation path through unspecified vectors. The exact root cause is not detailed in the provided documents. Impact is described as pa...