Lucene search
+L

94 matches found

NVD
NVD
added 2024/01/29 12:15 a.m.34 views

CVE-2024-0986

A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...

9.8CVSS6.4AI score0.58153EPSS
Exploits2References4
OSV
OSV
added 2024/01/29 12:15 a.m.7 views

CVE-2024-0986

A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...

9.8CVSS5.6AI score0.58153EPSS
Exploits2References4
Prion
Prion
added 2024/01/29 12:15 a.m.33 views

Command injection

A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...

5.8CVSS7.7AI score0.58153EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2024/01/28 11:31 p.m.39 views

CVE-2024-0986 Issabel PBX Asterisk-Cli os command injection

A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...

5.8CVSS10AI score0.58153EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2024/01/28 11:31 p.m.10 views

CVE-2024-0986 Issabel PBX Asterisk-Cli os command injection

A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...

5.8CVSS7.7AI score0.58153EPSS
Exploits2References4
CVE
CVE
added 2024/01/28 11:31 p.m.97 views

CVE-2024-0986

CVE-2024-0986 affects Issabel PBX 4.0.0 through the Asterisk-Cli component. The vulnerability arises from improper handling of the Command argument in /index.php?menu=asterisk_cli, enabling OS command injection. Multiple connected sources describe this as an authenticated remote command execution...

9.8CVSS9.8AI score0.58153EPSS
Exploits2References4Affected Software1
CNNVD
CNNVD
added 2024/01/28 12:0 a.m.5 views

Issabel PBX Operating System Command Injection Vulnerability

Issabel PBX is a software application. A free and open source software that allows you to build communication tools for your organization. An OS command injection vulnerability exists in Issabel PBX version 4.0.0, which stems from the inclusion of some unknown processing in the component...

9.8CVSS7.5AI score0.58153EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2024/01/28 12:0 a.m.11 views

PT-2024-15962 · Unknown · Asterisk-Cli +1

Name of the Vulnerable Software and Affected Versions: Issabel PBX version 4.0.0 Description: A critical issue affects the processing of the file /index.php?menu=asterisk cli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be...

9.8CVSS7.7AI score0.58153EPSS
Exploits2References11
OSV
OSV
added 2023/07/13 10:15 p.m.4 views

CVE-2023-37599

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

7.5CVSS5.8AI score0.03632EPSS
Exploits1References1
NVD
NVD
added 2023/07/13 10:15 p.m.26 views

CVE-2023-37599

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

7.5CVSS0.03632EPSS
Exploits1References1
Prion
Prion
added 2023/07/13 10:15 p.m.24 views

Design/Logic Flaw

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

5CVSS7.3AI score0.03632EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2023/07/13 9:15 p.m.31 views

CVE-2023-37598

A Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function...

4.5CVSS0.00567EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2023/07/13 9:15 p.m.4 views

CVE-2023-37598

A Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function...

4.5CVSS5.8AI score0.00567EPSS
Exploits2References2
OSV
OSV
added 2023/07/13 9:15 p.m.5 views

CVE-2023-37598

A Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function...

4.5CVSS5.8AI score0.00567EPSS
Exploits2References1
Prion
Prion
added 2023/07/13 9:15 p.m.22 views

Cross site request forgery (csrf)

A Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function...

2.8CVSS5AI score0.00567EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2023/07/13 12:0 a.m.148 views

CVE-2023-37599

The CVE-2023-37599 entry affects Issabel PBX version 4.0.0-6, where a vulnerability in the modules directory could allow a remote attacker to obtain sensitive information. The connected Nuclei template names Issabel PBX 4.0.0-6 and documents directory listing as the attack vector, stating that an...

7.5CVSS7.2AI score0.03632EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/07/13 12:0 a.m.29 views

CVE-2023-37599

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

7.5AI score0.03632EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/13 12:0 a.m.9 views

CVE-2023-37599

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory...

6.4AI score0.03632EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/13 12:0 a.m.12 views

CVE-2023-37598

A Cross Site Request Forgery CSRF vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function...

7.2AI score0.00567EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/07/13 12:0 a.m.6 views

Issabel PBX 跨站请求伪造漏洞

Issabel PBX is a software application. A free and open source software that allows you to build communication tools for your organization. A cross-site request forgery vulnerability exists in Issabel PBX version v.4.0.0-6, which originates from a vulnerability that allows any remote attacker to...

4.5CVSS5AI score0.00567EPSS
Exploits2References2
Rows per page
Query Builder