Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Netfortris Subscribe
Filtered by product Trixbox

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-14537 1 Netfortris 1 Trixbox 2022-02-19 4.0 MEDIUM 6.5 MEDIUM
trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.
CVE-2017-14535 1 Netfortris 1 Trixbox 2022-02-19 9.0 HIGH 8.8 HIGH
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php.
CVE-2017-14536 1 Netfortris 1 Trixbox 2018-03-06 3.5 LOW 5.4 MEDIUM
trixbox 2.8.0.4 has XSS via the PATH_INFO to /maint/index.php or /user/includes/language/langChooser.php.