7 matches found
EUVD-2025-8860
Malicious code in bioql PyPI...
CVE-2025-30006
Xorcom CompletePBX is vulnerable to a reflected cross-site scripting XSS in the administrative control panel. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-2292
Xorcom CompletePBX is vulnerable to an authenticated path traversal, allowing for arbitrary file reads via the Backup and Restore functionality.This issue affects CompletePBX: through 5.2.35...
EUVD-2025-8863
Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
EUVD-2025-8862
Xorcom CompletePBX is vulnerable to a path traversal via the Diagnostics reporting module, which will allow reading of arbitrary files and additionally delete any retrieved file in place of the expected report. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-30006 Xorcom CompletePBX <= 5.2.35 Reflected Cross-Site Scripting
Xorcom CompletePBX is vulnerable to a reflected cross-site scripting XSS in the administrative control panel. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-30006
CVE-2025-30006 describes a reflected cross-site scripting (XSS) vulnerability in the admin control panel of Xorcom CompletePBX . The issue affects all CompletePBX versions up to and including 5.2.35. The vulnerability arises in the administrative interface and is exploitable under the CVSS 3.1 me...