Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Commsy Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-11880 1 Commsy 1 Commsy 2019-05-23 5.0 MEDIUM 7.5 HIGH
CommSy through 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2.
CVE-2017-1000496 1 Commsy 1 Commsy 2018-01-17 6.8 MEDIUM 8.8 HIGH
Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality resulting in denial of service and possibly remote execution of code.