Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-37446 | 1 Nchsoftware | 1 Quorum | 2021-08-04 | 4.0 MEDIUM | 4.3 MEDIUM |
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading. | |||||
CVE-2021-37447 | 1 Nchsoftware | 1 Quorum | 2021-08-04 | 5.5 MEDIUM | 8.1 HIGH |
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion. | |||||
CVE-2021-37463 | 1 Nchsoftware | 1 Quorum | 2021-07-30 | 3.5 LOW | 5.4 MEDIUM |
In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored). | |||||
CVE-2021-37464 | 1 Nchsoftware | 1 Quorum | 2021-07-30 | 3.5 LOW | 5.4 MEDIUM |
In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored). | |||||
CVE-2021-37465 | 1 Nchsoftware | 1 Quorum | 2021-07-30 | 3.5 LOW | 5.4 MEDIUM |
In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected). | |||||
CVE-2021-37466 | 1 Nchsoftware | 1 Quorum | 2021-07-30 | 3.5 LOW | 5.4 MEDIUM |
In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected). | |||||
CVE-2021-37467 | 1 Nchsoftware | 1 Quorum | 2021-07-30 | 3.5 LOW | 5.4 MEDIUM |
In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected). | |||||
CVE-2021-37445 | 1 Nchsoftware | 1 Quorum | 2021-07-30 | 4.0 MEDIUM | 6.5 MEDIUM |
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading. |