16 matches found
A2Billing Backup File Download / RCE Vulnerabilities
A2Billing is prone to backup file download and remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
A2billing Detection
Detection of A2billing. The script sends a connection request to the server and attempts to detect A2billing and to extract its version. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
A2billing 2.x - SQL Injection
A2billing 2.x - SQL Injection Title : A2billing 2.x , Sql injection vulnerability Vulnerable software : A2billing 2.x Author : Ahmed sultan 0x4148 Email : [email protected] Linkedin : https://www.linkedin.com/in/0x4148/ If you're looking for deep technical stuff , overcoming sanitization/hardening...
A2billing 2.x Backup Disclosure / Code Execution / SQL Injection Vulnerabilities
A2billing version 2.x suffers from backup disclosure, remote code execution, and remote SQL injection vulnerabilities. Title : A2billing 2.x , Unauthenticated Backup dump / RCE flaw Vulnerable software : A2billing 2.x Author : Ahmed Sultan 0x4148 Email : email protected Home : 0x4148.com Linkedin...
A2billing 2.x Backup Disclosure / Code Execution / SQL Injection
Title : A2billing 2.x , Unauthenticated Backup dump / RCE flaw Vulnerable software : A2billing 2.x Author : Ahmed Sultan 0x4148 Email : [email protected] Home : 0x4148.com Linkedin : https://www.linkedin.com/in/0x4148/ A2billing contain multiple flaws which can be chained together to achieve shell...
A2billing 2.x - SQL Injection
Title : A2billing 2.x , Sql injection vulnerability Vulnerable software : A2billing 2.x Author : Ahmed sultan 0x4148 Email : [email protected] Linkedin : https://www.linkedin.com/in/0x4148/ If you're looking for deep technical stuff , overcoming sanitization/hardening . . etc you can check out the...
A2billing 2.x - Backup File Download Remote Code Execution
A2billing 2.x - Backup File Download Remote Code Execution Title : A2billing 2.x , Unauthenticated Backup dump / RCE flaw Vulnerable software : A2billing 2.x Author : Ahmed Sultan 0x4148 Email : [email protected] Home : 0x4148.com Linkedin : https://www.linkedin.com/in/0x4148/ A2billing contain...
A2billing 2.x - Backup File Download / Remote Code Execution
Title : A2billing 2.x , Unauthenticated Backup dump / RCE flaw Vulnerable software : A2billing 2.x Author : Ahmed Sultan 0x4148 Email : [email protected] Home : 0x4148.com Linkedin : https://www.linkedin.com/in/0x4148/ A2billing contain multiple flaws which can be chained together to achieve shell...
Elastix 2.5 /a2billing/customer/iridium_thread.php SQL注入漏洞
No description provided by source...
Elastix transactionID SQL Injection Vulnerability
Elastix is an Asterisk PBX operating tool. A SQL injection vulnerability in the Elastix a2billing/customer/iridiumthreed.php script handling transactionID allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or obtain database data...
Elastix 'a2billing/customer/iridium_threed.php' SQL Injection Vulnerability
Ecuadorian Based Elastix is a suite of open source unified communications server software from Ecuadorian Based. The software provides IP PBX, e-mail, instant messaging, fax and collaboration. Elastix 'a2billing/customer/iridiumthreed.php' has a SQL injection vulnerability that can be exploited b...
CVE-2015-1875
Elastix 2.5.0 and earlier is affected by an SQL injection in a2billing/customer/iridium_threed.php, exploitable via the transactionID parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands, potentially impacting data confidentiality and integrity and possibly other...
Elastix 2.x - Blind SQL Injection
Title: Elastix v2.x Blind SQL Injection Vulnerability Author: Ahmed Aboul-Ela Twitter: https://twitter.com/aboul3la Vendor : http://www.elastix.org Version: v2.5.0 and prior versions should be affected too - Vulnerable Source Code snippet in "a2billing/customer/iridiumthreed.php": SQLExec...
Elastix 2.5.0 SQL Injection Vulnerability
Elastix versions 2.5.0 and below suffer from a remote blind SQL injection vulnerability. Title: Elastix v2.x Blind SQL Injection Vulnerability Author: Ahmed Aboul-Ela Twitter: https://twitter.com/aboul3la Vendor : http://www.elastix.org Version: v2.5.0 and prior versions should be affected too -...
Elastix 2.5.0 SQL Injection
Title: Elastix v2.x Blind SQL Injection Vulnerability Author: Ahmed Aboul-Ela Twitter: https://twitter.com/aboul3la Vendor : http://www.elastix.org Version: v2.5.0 and prior versions should be affected too - Vulnerable Source Code snippet in "a2billing/customer/iridiumthreed.php": SQLExec...
Asterisk2Billing v1.9.4 - SQL Injection Vulnerability
Document Title: =============== Asterisk2Billing v1.9.4 - SQL Injection Vulnerability Release Date: ============= 2011-08-11 Vulnerability Laboratory ID VL-ID: ==================================== 246 Product & Service Introduction: =============================== Asterisk ist eine freie Software...