2 matches found
CVE-2018-15640
CVE-2018-15640 concerns improper access control in the Helpdesk App of Odoo Enterprise 10.0–12.0 . The vulnerability allows remote authenticated attackers to obtain elevated privileges via a crafted request, as described in the CVE entry. Connected sources corroborate the affected software and th...
Command injection
A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.21 could allow an authenticated, remote attacker to perform a command injection and execute commands with the privileges of the web server. The vulnerability is due to...