125 matches found
Exploit for Cross-Site Request Forgery (CSRF) in Issabel Pbx
issabel-pbx 4.0.0-6 - Cross Site Request Forgery CSRF to de...
Issabel PBX 跨站脚本漏洞
Issabel PBX is a software application. A free and open source software that allows you to build communication tools for your organization. A security vulnerability exists in Issabel issabel-pbx version v.4.0.0-6. An attacker can exploit this vulnerability to execute arbitrary web script or HTML v...
CVE-2023-34839
A Cross Site Request Forgery CSRF vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application...
CVE-2023-34839
A Cross Site Request Forgery CSRF vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application...
CVE-2023-34839
A Cross Site Request Forgery CSRF vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application...
Cross site request forgery (csrf)
A Cross Site Request Forgery CSRF vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application...
PT-2023-25025 · Issabel · Issabel
Name of the Vulnerable Software and Affected Versions: Issabel issabel-pbx version 4.0.0-6 Description: A Cross Site Request Forgery CSRF issue allows a remote attacker to gain privileges by creating a new user function in the application via a custom CSRF exploit. Recommendations: For Issabel...
CVE-2023-34839
CVE-2023-34839 affects Issabel issabel-pbx v4.0.0-6. The vulnerability is a Cross-Site Request Forgery (CSRF) that allows an authenticated attacker to gain privileges by exploiting a crafted CSRF to create a new user with administrator rights in the application. Evidence across multiple sources (...
CVE-2023-34839
A Cross Site Request Forgery CSRF vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application...
CVE-2023-34839
A Cross Site Request Forgery CSRF vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application...
Exploit for Cross-Site Request Forgery (CSRF) in Issabel Pbx
issabel-pbx 4.0.0-6 - Cross Site Request Forgery CSRF to Pr...
CVE-2021-46558
Multiple cross-site scripting XSS vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the username and password fields...
CVE-2021-46558
Multiple cross-site scripting XSS vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the username and password fields...
CVE-2021-46558
Multiple cross-site scripting XSS vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the username and password fields...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the username and password fields...
CVE-2021-46558
CVE-2021-46558 concerns Issabel PBX 20200102 with multiple XSS vulnerabilities in the Add User module. The flaws allow an attacker to inject arbitrary web scripts or HTML through crafted payloads in the username and password fields, enabling client-side script execution. Documented impact is limi...
CVE-2021-46558
Multiple cross-site scripting XSS vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the username and password fields...
Issabel PBX 跨站脚本漏洞
Issabel PBX is a software application. A free and open source software that allows you to build communication tools for your organization. A security vulnerability exists in Issabel PBX that stems from multiple cross-site scripting XSS vulnerabilities in the Add User module of Issabel PBX 2020010...
CVE-2021-43695
issabelPBX version 2.11 is affected by a Cross Site Scripting XSS vulnerability. In file page.backuprestore.php, the exit function will terminate the script and print the message to the user. The message will contain $REQUEST without sanitization, then there is a XSS vulnerability...
CVE-2021-34190
A stored cross site scripting XSS vulnerability in index.php?menu=billingrates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Name" or "Prefix" fields under the "Create New Rate" module...