15 matches found
EUVD-2025-4655
Malicious code in bioql PyPI...
EUVD-2025-4770
Malicious code in bioql PyPI...
CVE-2024-57056
Incorrect cookie session handling in WombatDialer before 25.02 results in the full session identity being written to system logs and could be used by a malicious attacker to impersonate an existing user session...
CVE-2024-57055
Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow unauthorized users to potentially call certain services without the necessary access level. This issue is limited to services used by the client not the general-use JSON services and requires reverse...
CVE-2024-57055
Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow unauthorized users to potentially call certain services without the necessary access level. This issue is limited to services used by the client not the general-use JSON services and requires reverse...
CVE-2024-57056
Incorrect cookie session handling in WombatDialer before 25.02 results in the full session identity being written to system logs and could be used by a malicious attacker to impersonate an existing user session...
CVE-2024-57055
CVE-2024-57055 affects WombatDialer prior to version 25.02. The issue is a server-side access control bypass that could allow unauthorized users to call certain client-only services, with the exploit requiring reverse engineering of a proprietary serialization protocol. Impact is limited to clien...
WombatDialer 安全漏洞
WombatDialer is a powerful predictive dialer for Asterisk PBX from WombatDialer. A security vulnerability exists in WombatDialer versions prior to 25.02 that stems from mishandling of cookie sessions, leading to session identity disclosure...
CVE-2024-57055
Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow unauthorized users to potentially call certain services without the necessary access level. This issue is limited to services used by the client not the general-use JSON services and requires reverse...
CVE-2024-57056
WombatDialer prior to 25.02 mishandles cookie sessions, causing the full session identity to be logged in system logs and enabling a malicious actor to impersonate an existing user session. This CVE (CVE-2024-57056) is documented across multiple sources; the impact is described as exposure of ses...
WombatDialer 安全漏洞
WombatDialer is a powerful predictive dialer for Asterisk PBX from WombatDialer. A security vulnerability exists in WombatDialer versions prior to 25.02 that stems from a server-side access control bypass that could result in unauthorized calls to services...
CVE-2024-57056
Incorrect cookie session handling in WombatDialer before 25.02 results in the full session identity being written to system logs and could be used by a malicious attacker to impersonate an existing user session...
CVE-2024-57055
Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow unauthorized users to potentially call certain services without the necessary access level. This issue is limited to services used by the client not the general-use JSON services and requires reverse...
PT-2025-6738 · Unknown · Wombatdialer
Name of the Vulnerable Software and Affected Versions: WombatDialer versions prior to 25.02 Description: A Server-Side Access Control Bypass issue could allow unauthorized users to potentially call certain services without the necessary access level. This issue is limited to services used by the...
CVE-2024-57056
Incorrect cookie session handling in WombatDialer before 25.02 results in the full session identity being written to system logs and could be used by a malicious attacker to impersonate an existing user session...