EUVD-2024-53748

Malicious code in bioql PyPI...

EUVD-2024-53749

Malicious code in bioql PyPI...

CVE-2024-57785

Zenitel AlphaWeb XE v11.2.3.10 was discovered to contain a local file inclusion vulnerability via the component amcuploads.php...

Exploit for CVE-2024-57785

CVE-2024-57785 Exploit Title: Authenticated File Incl...

CVE-2024-57784

An issue in the component /php/scriptuploads.php of Zenitel AlphaWeb XE v11.2.3.10 allows attackers to execute a directory traversal...

CVE-2024-57784

An issue in the component /php/scriptuploads.php of Zenitel AlphaWeb XE v11.2.3.10 allows attackers to execute a directory traversal...

CVE-2024-57784

CVE-2024-57784 targets Zenitel AlphaWeb XE v11.2.3.10, in the component /php/script_uploads.php, enabling a directory traversal. The issue is documented across multiple feeds as an arbitrary file read vulnerability within the web service’s script_uploads.php path. Public exploit activity exists (...

CVE-2024-57785

Zenitel AlphaWeb XE v11.2.3.10 was discovered to contain a local file inclusion vulnerability via the component amcuploads.php...

PT-2025-3571 · Zenitel · Zenitel Alphaweb Xe

Name of the Vulnerable Software and Affected Versions: Zenitel AlphaWeb XE version 11.2.3.10 Description: An issue in the component /php/script uploads.php allows attackers to execute a directory traversal. Recommendations: For Zenitel AlphaWeb XE version 11.2.3.10, consider restricting access to...

CVE-2024-57785

Zenitel AlphaWeb XE v11.2.3.10 was discovered to contain a local file inclusion vulnerability via the component amcuploads.php...

CVE-2024-57785

Zenitel AlphaWeb XE v11.2.3.10 is affected by a local file inclusion in the amc_uploads.php component. The CVE-2024-57785 entry notes a LFI vulnerability with network attack vector, requiring high privileges and no user interaction, and it exposes confidentiality risk (C:H/I:N/A:N; CVSS 3.1: 4.9 ...

Zenitel AlphaWeb XE 安全漏洞

Zenitel AlphaWeb XE is an embedded web server from Zenitel running on AlphaCom XE. A security vulnerability exists in Zenitel AlphaWeb XE version v11.2.3.10, which stems from a local file inclusion vulnerability discovered via the component amcuploads.php...

CVE-2021-40845

The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory...

Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload

I. VULNERABILITY ------------------------- AlphaWeb XE - Authenticated Insecure File Upload leading to RCE II. CVE REFERENCE ------------------------- CVE-2021-40845 III. VENDOR ------------------------- https://www.zenitel.com/ IV. DESCRIPTION ------------------------- The web part of Zenitel...