Vulnerabilities (CVE)

Filtered by vendor 3cx Subscribe
Filtered by product 3cx Web Server
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-14907 1 3cx 1 3cx Web Server 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname.
CVE-2018-14906 1 3cx 1 3cx Web Server 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters.
CVE-2018-14905 1 3cx 1 3cx Web Server 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter.