Commsy

commsy

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-11880 1Commsy 1Commsy Nov 21, 2024 May 22, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 CommSy through 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2.
CVE-2017-1000496 1Commsy 1Commsy Nov 21, 2024 Jan 3, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality resulting in denial of service and possibly remote execution of code.