2 matches found
CVE-2025-34335 AudioCodes Fax/IVR Appliance <= 2.6.23 Authenticated Command Injection via ActivateLicense.php
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an authenticated command injection vulnerability in the license activation workflow handled by AudioCodesfiles/ActivateLicense.php. When a license file is uploaded, the application derives a new...
Zoho ManageEngine ADSelfService Plus XML External Entity Injection Vulnerability
ZOHO ManageEngine ADSelfService Plus is a Web-based end-user password management software from ZOHO. An XML external entity injection vulnerability exists in ZOHO ManageEngine ADSelfService Plus prior to 5.x build 5701, which can be exploited by an attacker to conduct XXE attacks via an uploaded...