VYPR

Axon PBX

by Nch

CVEs (12)

  • CVE-2021-37441HigJul 25, 2021
    risk 0.57cvss 8.8epss 0.01

    NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. substring.

  • CVE-2021-37440MedJul 25, 2021
    risk 0.42cvss 6.5epss 0.01

    NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. substring.

  • CVE-2021-37462MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /ipblacklist?errorip= (reflected).

  • CVE-2021-37461MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected).

  • CVE-2021-37460MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected).

  • CVE-2021-37459MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored).

  • CVE-2021-37458MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored).

  • CVE-2021-37457MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored).

  • CVE-2021-37456MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address (stored).

  • CVE-2021-37455MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan (stored).

  • CVE-2021-37454MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored).

  • CVE-2021-37453MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored).