Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Axon_pbx
(Nch)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-07-25 | CVE-2021-37440 | NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. substring. | Axon_pbx | 6.5 | ||
| 2021-07-25 | CVE-2021-37441 | NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. substring. | Axon_pbx | 8.8 | ||
| 2018-06-01 | CVE-2018-11552 | There is a reflected XSS vulnerability in AXON PBX 2.02 via the "AXON->Auto-Dialer->Agents->Name" field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable application. | Axon_pbx | 6.1 | ||
| 2018-06-01 | CVE-2018-11551 | AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists because a DLL file is loaded by 'pbxsetup.exe' improperly. | Axon_pbx | 7.8 |