2 matches found
CVE-2018-5781
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vendrecording.php page. Successful exploit could...
CVE-2018-5781
Mitel Connect ONSITE (R1711-PREM and earlier) and Mitel ST (14.2 GA28 and earlier) contain a PHP code injection vulnerability in the conferencing component. An unauthenticated attacker can send specially crafted requests to the vendrecording.php page to inject and execute arbitrary PHP code withi...