Skip to main content

3Cx Web Server

3 CVEs product

Monthly

CVE-2018-14907 MEDIUM POC This Month

The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 3Cx Web Server
NVD
CVSS 3.0
5.3
EPSS
1.0%
CVE-2018-14906 MEDIUM POC This Month

The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 3Cx Web Server
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-14905 MEDIUM POC This Month

The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 3Cx Web Server
NVD
CVSS 3.0
6.1
EPSS
0.7%
EPSS 1% CVSS 5.3
MEDIUM POC This Month

The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 3Cx Web Server
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 3Cx Web Server
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 3Cx Web Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy