Saphira Connect SQL Injection Vulnerability

Saphira Connect is a telephone exchange and call center server mobile application from Saphira Connect, Inc. An SQL injection vulnerability exists in versions prior to Saphira Connect 9 that stems from incorrect neutralization of specific elements used by the system...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55900)

NCH Axon PBX is a set of virtual telephone exchange software used in business environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A security vulnerability exists in NCH Axon PBX due to the lack of...

UNIVERGE Aspire series PBX vulnerable to denial-of-service (DoS)

Overview Remote system maintenance feature of UNIVERGE Aspire series PBX contain an issue in handling commands, which may cause a denial-of-service DoS. NEC Platforms, Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and NEC Platforms, Ltd. coordinate...

Digium Asterisk Denial of Service Vulnerability

Digium Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR and so on. A security vulnerability exists in Digium Asterisk. An attacker could exploit the vulnerabili...