Vulnerabilities (CVE)

Filtered by vendor Commsy Subscribe
Filtered by product Commsy
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-11880 1 Commsy 1 Commsy 2024-11-21 5.0 MEDIUM 7.5 HIGH
CommSy through 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2.
CVE-2017-1000496 1 Commsy 1 Commsy 2024-11-21 6.8 MEDIUM 8.8 HIGH
Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality resulting in denial of service and possibly remote execution of code.