VYPR

Quorum

by Nch

CVEs (9)

  • CVE-2021-37447HigJul 25, 2021
    risk 0.53cvss 8.1epss 0.02

    In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion.

  • CVE-2021-37445MedJul 25, 2021
    risk 0.42cvss 6.5epss 0.01

    In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading.

  • CVE-2021-37452MedJul 25, 2021
    risk 0.36cvss 5.5epss 0.00

    NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating to users by reading the local .dat configuration files.

  • CVE-2021-37467MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected).

  • CVE-2021-37466MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected).

  • CVE-2021-37465MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected).

  • CVE-2021-37464MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored).

  • CVE-2021-37463MedJul 25, 2021
    risk 0.35cvss 5.4epss 0.01

    In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored).

  • CVE-2021-37446MedJul 25, 2021
    risk 0.28cvss 4.3epss 0.01

    In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading.