Skip to main content

Ivm Attendant

7 CVEs product

Monthly

CVE-2021-37449 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmlist?folder= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ivm Attendant
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-37448 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via the Mailbox name (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ivm Attendant
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-37444 HIGH POC This Week

NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Path Traversal RCE Ivm Attendant
NVD GitHub
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-37443 HIGH POC This Week

NCH IVM Attendant v5.12 and earlier allows path traversal via the logdeleteselected check0 parameter for file deletion. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ivm Attendant
NVD GitHub
CVSS 3.1
8.1
EPSS
1.2%
CVE-2021-37442 MEDIUM POC This Month

NCH IVM Attendant v5.12 and earlier allows path traversal via viewfile?file=/.. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ivm Attendant
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-37451 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ivm Attendant
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-37450 MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmprop?id= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ivm Attendant
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmlist?folder= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ivm Attendant
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via the Mailbox name (stored). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ivm Attendant
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Path Traversal RCE +1
NVD GitHub
EPSS 1% CVSS 8.1
HIGH POC This Week

NCH IVM Attendant v5.12 and earlier allows path traversal via the logdeleteselected check0 parameter for file deletion. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ivm Attendant
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

NCH IVM Attendant v5.12 and earlier allows path traversal via viewfile?file=/.. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ivm Attendant
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ivm Attendant
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmprop?id= (reflected). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ivm Attendant
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy