CVE-2024-28815
- EPSS 0.34%
- Published 27.03.2024 07:15:49
- Last modified 21.11.2024 09:06:59
A vulnerability in the BluStar component of Mitel InAttend 2.6 SP4 through 2.7 and CMG 8.5 SP4 through 8.6 could allow access to sensitive information, changes to the system configuration, or execution of arbitrary commands within the context of the ...
CVE-2018-18285
- EPSS 0.62%
- Published 25.04.2019 20:29:02
- Last modified 21.11.2024 03:55:38
SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the login interface. A successful exploit could allow an attacker to e...
CVE-2018-18286
- EPSS 0.62%
- Published 25.04.2019 19:29:00
- Last modified 21.11.2024 03:55:39
SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an attacker ...
- EPSS 3.1%
- Published 02.04.2019 18:29:02
- Last modified 21.11.2024 03:57:39
The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a default password, which could allow remote attackers to gain unauthorized access and execute arbitrary scripts with potential impacts to the confidentia...