CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2025/05/23 2:54 a.m.•3 views

CVE-2023-0480

VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrator's account. This is possible because the application is vulnerable to CSRF...

8.8CVSS8.6AI score0.00185EPSS

Exploits1References1

OSV•added 2023/04/04 11:15 p.m.•1 views

CVE-2023-0486

VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance's administrator account via a malicious link. This is possible because the application is vulnerable to XSS...

6.1CVSS5.8AI score0.00362EPSS

Exploits1References2

NVD•added 2023/04/04 11:15 p.m.•11 views

CVE-2023-0486

6.1CVSS6.2AI score0.00362EPSS

Exploits1References2

Prion•added 2023/04/04 11:15 p.m.•16 views

Cross site scripting

5.8CVSS6.1AI score0.00362EPSS

Exploits1References2Affected Software1

Prion•added 2023/04/04 11:15 p.m.•18 views

Cross site request forgery (csrf)

VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrator's account. This is possible because the application is vulnerable to CSRF...

6.8CVSS8.6AI score0.00185EPSS

Exploits1References2Affected Software1

CNNVD•added 2023/04/04 12:0 a.m.•3 views

VitalPBX 跨站请求伪造漏洞

VitalPBX is an Asterisk-based unified communications PBX system. A security vulnerability exists in VitalPBX version 3.2.3-8 that stems from the program's susceptibility to CSRF attacks, which can be exploited by an attacker to gain access to an instance administrator's account...

8.8CVSS7.9AI score0.00185EPSS

Exploits1References3

Positive Technologies•added 2023/04/04 12:0 a.m.•4 views

PT-2023-16298 · Vitalpbx · Vitalpbx

Name of the Vulnerable Software and Affected Versions: VitalPBX version 3.2.3-8 Description: The issue allows an unauthenticated external attacker to obtain the instance's administrator account via a malicious link. This is possible because the application is vulnerable to cross-site scripting XS...

6.1CVSS6.2AI score0.00362EPSS

Exploits1References3

Positive Technologies•added 2023/04/04 12:0 a.m.•3 views

PT-2023-16293 · Vitalpbx · Vitalpbx

Name of the Vulnerable Software and Affected Versions: VitalPBX version 3.2.3-8 Description: The issue allows an unauthenticated external attacker to obtain the instance administrator's account due to the application being vulnerable to CSRF. Recommendations: For VitalPBX version 3.2.3-8, update ...

8.8CVSS8.6AI score0.00185EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by