65 matches found
CVE-2021-37455
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan stored...
PT-2023-13335 · Motorola Mobility +1 · Motorola Smartphones +1
Name of the Vulnerable Software and Affected Versions: Smartphone firmware affected versions not specified Description: In some cases, when a device is USB-tethered to a host PC and sharing its mobile network connection, originating a call on the device may cause the device's modem to reset,...
Cross site request forgery (csrf)
When clicking on a tel: link, USSD codes, specified after a \ character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.This bug only affects...
The vulnerability of the SprdContactsProvider implementation in the Telephony component of Android operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SprdContactsProvider implementation in the Telephony component of Android operating systems is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected...
CVE-2022-20217
There is a unauthorized broadcast in the SprdContactsProvider. A third-party app could use this issue to delete Fdn contact.Product: AndroidVersions: Android SoCAndroid ID: A-232441378...
PT-2022-4134 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue is related to the SprdContactsProvider component in the Android Telephony system, which has weaknesses in its authorization mechanism. This could allow a remote attacker to ga...
CVE-2022-20134
In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
New Robo-Dialing Campaign Lets Users Prank Call Russian Bureaucrats
By Waqas If you want to prevent Russian officials from performing their government duties, theres a website that can fulfill… This is a post from HackRead.com Read the original post: New Robo-Dialing Campaign Lets Users Prank Call Russian Bureaucrats...
NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55887)
NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the failure of the product's outbound dialing plan to properly filter incoming data for special characters, which can be...
CVE-2021-37455
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan stored...
CVE-2021-37455
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan stored...
Cross site scripting
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan stored...
CVE-2021-37455
CVE-2021-37455 describes a stored cross-site scripting (XSS) vulnerability in NCH Axon PBX, affecting v2.22 and earlier. The issue arises in the outbound dialing plan, where user-supplied data is not properly filtered for special characters, enabling execution of client-side code. The connected s...
CVE-2021-37455
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan stored...
NCH Axon PBX 跨站脚本漏洞
NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the failure of the product's outbound dialing plan to properly filter incoming data for special characters, which can be...
[SECURITY] Fedora 29 Update: mgetty-1.2.1-6.fc29
The mgetty package contains a "smart" getty which allows logins over a serial line i.e., through a modem. If you're using a Class 2 or 2.0 modem, mgetty can receive faxes. If you also need to send faxes, you'll need to install the sendfax program. If you'll be dialing in to your system using a...
Orange Livebox Cross-Site Request Forgery Vulnerability (CNVD-2019-03335)
Orange Livebox is an ADSL Asymmetric Digital Subscriber Line modem. In Orange Livebox version 00.96.320S Firmware version 00.96.320S, Boot v0.70.03, Modem version 5.4.1.10.1.1A, Hardware version 02 and Arcadyan ARV7519RW22-A-L T VR9 version 1.2 and Arcadyan ARV7519RW22-A-L T VR9 1.2 versions, a...
thetimenow.com XSS vulnerability
Open Bug Bounty ID: OBB-391556 Description| Value ---|--- Affected Website:| thetimenow.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
[SECURITY] Fedora 25 Update: minicom-2.7.1-1.fc25
Minicom is a simple text-based modem control and terminal emulation program somewhat similar to MSDOS Telix. Minicom includes a dialing directory, full ANSI and VT100 emulation, an external scripting language, and other features...
[SECURITY] Fedora 24 Update: minicom-2.7.1-1.fc24
Minicom is a simple text-based modem control and terminal emulation program somewhat similar to MSDOS Telix. Minicom includes a dialing directory, full ANSI and VT100 emulation, an external scripting language, and other features...