Atcom A10W Command Injection Vulnerability

ATCOM Technology A10W VoIP phone is an IP phone from ATCOM Technology China. A command injection vulnerability exists in the Remote Directory Configuration URI of the web interface in the ATCOM Technology A10W VoIP phone using firmware version 2.6.1a2421. The vulnerability stems from a network...

CVE-2019-12328

A command injection missing input validation issue in the remote phonebook configuration URI in the web interface of the Atcom A10W VoIP phone with firmware 2.6.1a2421 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request...

CVE-2019-12328

A command injection missing input validation issue in the remote phonebook configuration URI in the web interface of the Atcom A10W VoIP phone with firmware 2.6.1a2421 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request...

Command injection

A command injection missing input validation issue in the remote phonebook configuration URI in the web interface of the Atcom A10W VoIP phone with firmware 2.6.1a2421 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request...

CVE-2019-12328

CVE-2019-12328 affects the ATCOM A10W VoIP phone (firmware 2.6.1a2421). The web interface’s remote phonebook configuration URI is vulnerable to command injection via shell metacharacters in a POST request, enabling an authenticated remote attacker on the same network to trigger OS commands. Affec...

CVE-2019-12328

A command injection missing input validation issue in the remote phonebook configuration URI in the web interface of the Atcom A10W VoIP phone with firmware 2.6.1a2421 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request...

ATCOM PBX Detection (SIP)

Detection of ATCOM PBX. The script attempts to identify ATCOM via SIP banner to extract the version number. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

ATCOM PBX Authentication Bypass Vulnerability

ATCOM PBX is prone to an authentication bypass vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

ATCOM PBX IP01 / IP08 / IP4 / IP2G4A - Authentication Bypass

Exploit for hardware platform in category web applications Title: ATCOM PBX system , auth bypass exploit Author: i-Hmx contact : email protected Home : sec4ever.com Tested on : ATCOM IP01 , IP08 , IP4G and ip2G4A Details The mentioned system is affected by auth bypass flaw that allow an attacker ...

ATCOM PBX IP01 / IP08 / IP4 / IP2G4A - Authentication Bypass

Title: ATCOM PBX system , auth bypass exploit Author: i-Hmx contact : [email protected] Home : sec4ever.com Tested on : ATCOM IP01 , IP08 , IP4G and ip2G4A Details The mentioned system is affected by auth bypass flaw that allow an attacker to get admin access on the vulnerable machine without...

ATCOM PBX Authentication Bypass

Title: ATCOM PBX system , auth bypass exploit Author: i-Hmx contact : [email protected] Home : sec4ever.com Tested on : ATCOM IP01 , IP08 , IP4G and ip2G4A Details The mentioned system is affected by auth bypass flaw that allow an attacker to get admin access on the vulnerable machine without...

ATCOM PBX IP01 IP08 IP4 IP2G4A - Authentication Bypass

ATCOM PBX IP01 IP08 IP4 IP2G4A - Authentication Bypass Title: ATCOM PBX system , auth bypass exploit Author: i-Hmx contact : [email protected] Home : sec4ever.com Tested on : ATCOM IP01 , IP08 , IP4G and ip2G4A Details The mentioned system is affected by auth bypass flaw that allow an attacker to...

CVE-2014-2318

SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter...

Sql injection

SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter...

CVE-2014-2318

The provided connections confirm CVE-2014-2318 is an SQL injection vulnerability in ATCOM Netvolution 3, exploitable via the m parameter to allow remote arbitrary SQL execution. Affected component is ATCOM Netvolution 3; root cause is improper input handling leading to SQL command injection. Impa...

CVE-2014-2318

SQL injection vulnerability in ATCOM Netvolution 3 allows remote attackers to execute arbitrary SQL commands via the m parameter...

Netvolution WCM CMS 3 SQL Injection

Exploit Title: Netvolution WCM - CMS v3 SQL Injection Exploit Type: Error-based SQL injection Date: Sun 02 Mar 2014 Exploit Author: projectzero labs Projectzero ID: projectzero2014-002-netvolutionsqli Vendor Homepage: http://www.netvolution.net && http://www.atcom.gr Version: 3 as vendor comfirme...

IP phone AT6XX Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ================================== IP phone AT6XX Cross Site Scripting ================================== ======================================================= Exploit Title: IP phone AT6XX Cross Site Scripting Date: 27/05/2012 Author: cheki...

CVE-2009-5102

SQL injection vulnerability in default.asp in ATCOM Netvolution 1.0 ASP allows remote attackers to execute arbitrary SQL commands via the bpenid parameter...

CVE-2009-5103

Cross-site scripting XSS vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable...