NCH Software
Products (10)
- 6 CVEs
- 4 CVEs
- 3 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs (20)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-37444 | | High | 0.57 | 8.8 | 0.02 | | Jul 25, 2021 | NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file… |
| CVE-2020-11561 | | High | 0.57 | 8.8 | 0.02 | | Apr 7, 2020 | In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen. |
| CVE-2020-11560 | | High | 0.54 | 7.8 | 0.01 | | Apr 7, 2020 | NCH Express Invoice 7.25 allows local users to discover the cleartext password by reading the configuration file. |
| CVE-2021-37440 | | Medium | 0.42 | 6.5 | 0.01 | | Jul 25, 2021 | NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. substring. |
| CVE-2021-37439 | | Medium | 0.42 | 6.5 | 0.01 | | Jul 25, 2021 | NCH FlexiServer v6.00 suffers from a syslog?file=/.. path traversal vulnerability. |
| CVE-2020-13474 | | Medium | 0.42 | 6.5 | 0.01 | | Dec 28, 2020 | In NCH Express Accounts 8.24 and earlier, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users. |
| CVE-2020-13473 | | Medium | 0.36 | 5.5 | 0.00 | | Dec 28, 2020 | NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file. |
| CVE-2021-37460 | | Medium | 0.35 | 5.4 | 0.01 | | Jul 25, 2021 | Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected). |
| CVE-2021-37459 | | Medium | 0.35 | 5.4 | 0.01 | | Jul 25, 2021 | Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored). |
| CVE-2021-37458 | | Medium | 0.35 | 5.4 | 0.01 | | Jul 25, 2021 | Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored). |
| CVE-2021-37454 | | Medium | 0.35 | 5.4 | 0.01 | | Jul 25, 2021 | Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored). |
| CVE-2021-37453 | | Medium | 0.35 | 5.4 | 0.01 | | Jul 25, 2021 | Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored). |
| CVE-2021-37450 | | Medium | 0.35 | 5.4 | 0.01 | | Jul 25, 2021 | Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmprop?id= (reflected). |
| CVE-2019-16330 | | Medium | 0.35 | 5.4 | 0.01 | | Oct 17, 2019 | In NCH Express Accounts Accounting v7.02, persistent cross site scripting (XSS) exists in Invoices/Sales Orders/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Sales Orders/Items/Customers/Quotes fields parameter to inject… |
| CVE-2019-16282 | | Medium | 0.35 | 5.4 | 0.01 | | Oct 14, 2019 | In NCH Express Invoice v7.12, persistent cross site scripting (XSS) exists via the Invoices/Items/Customers/Quotes input field. An authenticated unprivileged user can add/modify the Invoices/Items/Customers fields parameter to inject arbitrary JavaScript. |
| CVE-2020-13476 | | Medium | 0.31 | 4.8 | 0.01 | | Dec 28, 2020 | NCH Express Invoice 8.06 to 8.24 is vulnerable to Reflected XSS in the Quotes List module. |
| CVE-2008-2894 | | | 0.03 | — | 0.02 | | Jun 27, 2008 | Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. |
| CVE-2010-5220 | | | 0.00 | — | 0.00 | | Sep 6, 2012 | Untrusted search path vulnerability in MEO Encryption Software 2.02 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .meo or .cry file. NOTE: some of these details are… |
| CVE-2009-4038 | | | 0.00 | — | 0.02 | | Nov 20, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in NCH Software Axon Virtual PBX 2.10 and 2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) onok or (2) oncancel parameter to the logon program. NOTE: the provenance of this information is unknown;… |
| CVE-2006-4603 | | | 0.00 | — | 0.02 | | Sep 7, 2006 | NCH Swift Sound Web Dictate 1.02 allows remote attackers to bypass authentication via a null password. |