Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor 3cx Subscribe
Filtered by product 3cx Web Server
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-14907 1 3cx 1 3cx Web Server 2020-08-24 5.0 MEDIUM 5.3 MEDIUM
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname.
CVE-2018-14906 1 3cx 1 3cx Web Server 2018-09-26 4.3 MEDIUM 6.1 MEDIUM
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters.
CVE-2018-14905 1 3cx 1 3cx Web Server 2018-09-26 4.3 MEDIUM 6.1 MEDIUM
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter.