Skip to main content
CVE-2021-37444 HIGH POC This Week

NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Path Traversal RCE Ivm Attendant
NVD GitHub
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-37441 HIGH POC This Week

NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Axon Pbx
NVD GitHub
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-37447 HIGH POC This Week

In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Quorum
NVD GitHub
CVSS 3.1
8.1
EPSS
1.6%
CVE-2021-37443 HIGH POC This Week

NCH IVM Attendant v5.12 and earlier allows path traversal via the logdeleteselected check0 parameter for file deletion. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ivm Attendant
NVD GitHub
CVSS 3.1
8.1
EPSS
1.2%
CVE-2021-3663 HIGH POC PATCH This Week

firefly-iii is vulnerable to Improper Restriction of Excessive Authentication Attempts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Firefly Iii
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy