68 matches found
Exploits
Exploit FreePBX / Elastix - callmepage.php Author: LECOMT...
EUVD-2015-1981
Malware in sbrugna...
EUVD-2012-6455
Malware in sbrugna...
EUVD-2010-1519
Malware in sbrugna...
CVE-2012-6608
Cross-site scripting (XSS) vulnerability in xmlservices/Ebook.php in Elastix 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the Page parameter...
CVE-2010-1492
Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the idnodo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Hackers Targeting VoIP Servers By Exploiting Digium Phone Software
VoIP phones using Digium's software have been targeted to drop a web shell on their servers as part of an attack campaign designed to exfiltrate data by downloading and executing additional payloads. "The malware installs multilayer obfuscated PHP backdoors to the web server's file system,...
Elastix Detection (HTTP)
HTTP based detection of Elastix. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.117269");...
Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies
Cybersecurity researchers today took the wraps off an on-going cyber fraud operation led by hackers in Gaza, West Bank, and Egypt to compromise VoIP servers of more than 1,200 organizations across 60 countries over the past 12 months. According to findings published by Check Point Research, the...
Elastix 2.5 - PHP Code Injection
Elastix 2.5 - PHP Code Injection '; $faf=fopen("fa.txt","w+"); fwrite($faf,$inj); fclose($faf); $myf='fa.txt'; $url = $target."/vtigercrm/phprint.php?action=fa&module=ff&langcrm=../../modules/Import/ImportStep2.php%00"; // URL $reffer = "http://1337s.cc/index.php"; $agent = "Mozilla/5.0 (Windows; U;...
Elastix 2.5 PHP Code Injection Exploit
Exploit for php platform in category web applications '; $faf=fopen("fa.txt","w+"); fwrite($faf,$inj); fclose($faf); $myf='fa.txt'; $url = $target."/vtigercrm/phprint.php?action=fa&module=ff&langcrm=../../modules/Import/ImportStep2.php%00"; // URL $reffer = "http://1337s.cc/index.php"; $agent =...
Elastix < 2.5 - PHP Code Injection
'; $faf=fopen("fa.txt","w+"); fwrite($faf,$inj); fclose($faf); $myf='fa.txt'; $url = $target."/vtigercrm/phprint.php?action=fa&module=ff&langcrm=../../modules/Import/ImportStep2.php%00"; // URL $reffer = "http://1337s.cc/index.php"; $agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4...
Elastix 2.5 /a2billing/customer/iridium_thread.php SQL Injection Vulnerability
No description provided by source...
Elastix transactionID SQL Injection Vulnerability
Elastix is an Asterisk PBX operating tool. A SQL injection vulnerability in the way the Elastix a2billing/customer/iridium_threed.php script handles transactionID allows remote attackers to manipulate or obtain database data by submitting specially crafted SQL queries...
Elastix 'a2billing/customer/iridium_threed.php' SQL Injection Vulnerability
Elastix is an Ecuadorian-based suite of open source unified communications server software. The software provides IP PBX, e-mail, instant messaging, fax and collaboration. Elastix 'a2billing/customer/iridium_threed.php' has a SQL injection vulnerability that can be exploited b...
CVE-2015-1875
SQL injection vulnerability in a2billing/customer/iridium_threed.php in Elastix 2.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the transactionID parameter...
SQL injection
SQL injection vulnerability in a2billing/customer/iridium_threed.php in Elastix 2.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the transactionID parameter...
CVE-2015-1875
Elastix 2.5.0 and earlier is affected by an SQL injection in a2billing/customer/iridium_threed.php, exploitable via the transactionID parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands, potentially impacting data confidentiality and integrity and possibly other...
CVE-2015-1875
SQL injection vulnerability in a2billing/customer/iridium_threed.php in Elastix 2.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the transactionID parameter...
Elastix 2.x - Blind SQL Injection
Elastix 2.x - Blind SQL Injection Title: Elastix v2.x Blind SQL Injection Vulnerability Author: Ahmed Aboul-Ela Twitter: https://twitter.com/aboul3la Vendor : http://www.elastix.org Version: v2.5.0 and prior versions should be affected too - Vulnerable Source Code snippet in...