Lucene search
K

15 matches found

NVD
NVD
added yesterday5 views

CVE-2026-51946

SQL Injection vulnerability in GoAdminGroup GoAdmin last release v1.2.26 allows a remote attacker to execute arbitrary code and obtain sensitive information via the the sorttype URL parameter on all /admin/info/table endpoints...

6.5CVSS
Exploits0References2
CNVD
CNVD
added 2015/05/14 12:0 a.m.3 views

GoAutoDial GoAdmin CE 'cpanel' action variable arbitrary command execution vulnerability

GoAutoDial is a set of open source Web-based call center software running on CentOS systems.GoAdmin CE is one of the set of administrator applications. A security vulnerability in the 'cpanel' function in the gosite.php script of GoAutoDial GoAdmin CE allows remote attackers to execute arbitrary...

10CVSS7.6AI score0.12716EPSS
Exploits5References1
CNVD
CNVD
added 2015/05/14 12:0 a.m.3 views

GoAutoDial GoAdmin CE SQL Injection Vulnerability

GoAutoDial is a set of open source Web-based call center software running on CentOS systems.GoAdmin CE is one of the set of administrator applications. GoAutoDial GoAdmin CE's gologin.php script fails to adequately filter the 'username' and 'userpass' parameters, gologin/ validatecredentials/admi...

7.5CVSS7.5AI score0.38149EPSS
Exploits8References1
CNVD
CNVD
added 2015/05/14 12:0 a.m.3 views

GoAutoDial GoAdmin CE Arbitrary File Upload Vulnerability

GoAutoDial is a set of open source Web-based call center software running on CentOS systems.GoAdmin CE is one of the set of administrator applications. GoAutoDial An arbitrary file upload vulnerability exists in the goaudiostore.php script in the audiostore upload function of GoAdmin CE, which...

10CVSS7.4AI score0.13156EPSS
Exploits5References1
CNVD
CNVD
added 2015/05/14 12:0 a.m.3 views

GoAutoDial GoAdmin CE 'cpanel' Arbitrary Command Execution Vulnerability

GoAutoDial is a set of open source Web-based call center software running on CentOS systems.GoAdmin CE is one of the set of administrator applications. A security vulnerability in the 'cpanel' function in the gosite.php script of GoAutoDial GoAdmin CE allows remote attackers to execute arbitrary...

10CVSS7.6AI score0.71687EPSS
Exploits8References1
NVD
NVD
added 2015/05/12 7:59 p.m.15 views

CVE-2015-2842

Unrestricted file upload vulnerability in goaudiostore.php in the audiostore Voice Files upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct reque...

10CVSS7.5AI score0.13156EPSS
Exploits5References5
Prion
Prion
added 2015/05/12 7:59 p.m.12 views

Sql injection

Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 userpass parameter in gologin.php or the PATHINFO to 3 gologin/validatecredentials/admin/ or 4 index.php/gosite/gogetuserinfo/...

7.5CVSS9.1AI score0.38149EPSS
Exploits8References6Affected Software1
Prion
Prion
added 2015/05/12 7:59 p.m.14 views

Unrestricted file upload

Unrestricted file upload vulnerability in goaudiostore.php in the audiostore Voice Files upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct reque...

10CVSS8.1AI score0.13156EPSS
Exploits5References5Affected Software1
Prion
Prion
added 2015/05/12 7:59 p.m.12 views

Command injection

The cpanel function in gosite.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATHINFO...

10CVSS8AI score0.71687EPSS
Exploits8References6Affected Software1
Prion
Prion
added 2015/05/12 7:59 p.m.16 views

Command injection

The cpanel function in gosite.php in GoAutoDial GoAdmin CE before 3.3-1420434000 allows remote attackers to execute arbitrary commands via the $action portion of the PATHINFO...

10CVSS8AI score0.12716EPSS
Exploits5References5Affected Software1
CVE
CVE
added 2015/05/12 7:0 p.m.59 views

CVE-2015-2844

CVE-2015-2844 affects GoAutoDial GoAdmin CE prior to 3.3-1420434000. The cpanel function in go_site.php processes the PATH_INFO action segment, and unsafely passes it to command execution, enabling remote attackers to run arbitrary commands. Impact: remote code execution with complete system comp...

10CVSS7.6AI score0.12716EPSS
Exploits5References5Affected Software1
Cvelist
Cvelist
added 2015/05/12 7:0 p.m.22 views

CVE-2015-2844

The cpanel function in gosite.php in GoAutoDial GoAdmin CE before 3.3-1420434000 allows remote attackers to execute arbitrary commands via the $action portion of the PATHINFO...

7.5AI score0.12716EPSS
Exploits5References5
Cvelist
Cvelist
added 2015/05/12 7:0 p.m.31 views

CVE-2015-2843

Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 userpass parameter in gologin.php or the PATHINFO to 3 gologin/validatecredentials/admin/ or 4 index.php/gosite/gogetuserinfo/...

8.4AI score0.38149EPSS
Exploits8References6
Cvelist
Cvelist
added 2015/05/12 7:0 p.m.22 views

CVE-2015-2842

Unrestricted file upload vulnerability in goaudiostore.php in the audiostore Voice Files upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct reque...

7.5AI score0.13156EPSS
Exploits5References5
CVE
CVE
added 2015/05/12 7:0 p.m.66 views

CVE-2015-2843

GoAutoDial GoAdmin CE is vulnerable to SQL injection in go_login.php (parameters user_name, user_pass) and via PATH_INFO in go_login/validate_credentials/admin/ or index.php/go_site/go_get_user_info/. Affected versions are GoAutoDial GoAdmin CE before 3.3-1421902800. The root cause is inadequate ...

7.5CVSS8.5AI score0.38149EPSS
Exploits8References6Affected Software1
Rows per page
Query Builder