- EPSS 2.12%
- Published 14.03.2018 16:29:00
- Last modified 21.11.2024 04:09:22
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to copy a malicious script into a newly generated PHP file an...
- EPSS 1.12%
- Published 14.03.2018 16:29:00
- Last modified 21.11.2024 04:09:22
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vn...
- EPSS 1.12%
- Published 14.03.2018 16:29:00
- Last modified 21.11.2024 04:09:22
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the ve...
- EPSS 32.34%
- Published 14.03.2018 16:29:00
- Last modified 21.11.2024 04:09:23
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vs...
CVE-2017-16250
- EPSS 0.23%
- Published 13.03.2018 19:29:00
- Last modified 21.11.2024 03:16:06
A vulnerability in Mitel ST 14.2, release GA28 and earlier, could allow an attacker to use the API function to enumerate through user-ids which could be used to identify valid user ids and associated user names.
- EPSS 1.44%
- Published 13.03.2018 19:29:00
- Last modified 21.11.2024 03:16:06
A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and earlier, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. Successful exploit could allow an attacker to ...