2 matches found
VICIdial Multiple SQLi Vulnerabilities (CVE-2009-2234)
VICIdial is prone to multiple SQL injection SQLi vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2009-2234
CVE-2009-2234 affects VICIdial Call Center Suite (example: 2.0.5-173) with multiple SQL injection vulnerabilities in admin.php. The root cause is unsafe handling of user-supplied input in the PHP_AUTH_USER and PHP_AUTH_PW parameters, allowing remote attackers to execute arbitrary SQL commands. Do...