Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
16 vulnerabilities found for quorum by nchsoftware
CVE-2021-37445 (GCVE-0-2021-37445)
Vulnerability from cvelistv5 – Published: 2021-07-25 20:13 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:13:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37445",
"datePublished": "2021-07-25T20:13:20.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37446 (GCVE-0-2021-37446)
Vulnerability from cvelistv5 – Published: 2021-07-25 20:13 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:13:10.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37446",
"datePublished": "2021-07-25T20:13:10.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:03.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37447 (GCVE-0-2021-37447)
Vulnerability from cvelistv5 – Published: 2021-07-25 20:12 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:12:55.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37447",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37447",
"datePublished": "2021-07-25T20:12:55.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37463 (GCVE-0-2021-37463)
Vulnerability from cvelistv5 – Published: 2021-07-25 20:09 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:09:52.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
},
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37463",
"datePublished": "2021-07-25T20:09:53.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:03.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37464 (GCVE-0-2021-37464)
Vulnerability from cvelistv5 – Published: 2021-07-25 20:09 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:09:41.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37464",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
},
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37464",
"datePublished": "2021-07-25T20:09:41.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37465 (GCVE-0-2021-37465)
Vulnerability from cvelistv5 – Published: 2021-07-25 20:09 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:09:33.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37465",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
},
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37465",
"datePublished": "2021-07-25T20:09:33.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37466 (GCVE-0-2021-37466)
Vulnerability from cvelistv5 – Published: 2021-07-25 20:09 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:09:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
},
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37466",
"datePublished": "2021-07-25T20:09:19.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37467 (GCVE-0-2021-37467)
Vulnerability from cvelistv5 – Published: 2021-07-25 20:09 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:09:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37467",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
},
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37467",
"datePublished": "2021-07-25T20:09:07.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37445 (GCVE-0-2021-37445)
Vulnerability from nvd – Published: 2021-07-25 20:13 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:13:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37445",
"datePublished": "2021-07-25T20:13:20.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37446 (GCVE-0-2021-37446)
Vulnerability from nvd – Published: 2021-07-25 20:13 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:13:10.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37446",
"datePublished": "2021-07-25T20:13:10.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:03.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37447 (GCVE-0-2021-37447)
Vulnerability from nvd – Published: 2021-07-25 20:12 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:12:55.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37447",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_LFI.md"
},
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37447",
"datePublished": "2021-07-25T20:12:55.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37463 (GCVE-0-2021-37463)
Vulnerability from nvd – Published: 2021-07-25 20:09 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.996Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:09:52.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
},
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37463",
"datePublished": "2021-07-25T20:09:53.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:03.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37464 (GCVE-0-2021-37464)
Vulnerability from nvd – Published: 2021-07-25 20:09 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:09:41.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37464",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
},
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37464",
"datePublished": "2021-07-25T20:09:41.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37465 (GCVE-0-2021-37465)
Vulnerability from nvd – Published: 2021-07-25 20:09 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:09:33.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37465",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
},
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37465",
"datePublished": "2021-07-25T20:09:33.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37466 (GCVE-0-2021-37466)
Vulnerability from nvd – Published: 2021-07-25 20:09 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:09:19.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
},
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37466",
"datePublished": "2021-07-25T20:09:19.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37467 (GCVE-0-2021-37467)
Vulnerability from nvd – Published: 2021-07-25 20:09 – Updated: 2024-08-04 01:16
VLAI
Summary
In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.nch.com.au/conference/index.html | x_refsource_MISC |
| https://github.com/0xfml/poc/blob/main/NCH/Quorum… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:04.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-25T20:09:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nch.com.au/conference/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37467",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nch.com.au/conference/index.html",
"refsource": "MISC",
"url": "https://www.nch.com.au/conference/index.html"
},
{
"name": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md",
"refsource": "MISC",
"url": "https://github.com/0xfml/poc/blob/main/NCH/Quorum_2.03_XSS.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37467",
"datePublished": "2021-07-25T20:09:07.000Z",
"dateReserved": "2021-07-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:16:04.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}