57 matches found
EUVD-2014-5007
Malware in sbrugna...
EUVD-2014-5010
Malware in sbrugna...
EUVD-2010-0729
Malware in sbrugna...
EUVD-2007-6390
Malware in sbrugna...
EUVD-2014-5008
Malware in sbrugna...
CVE-2014-5111
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. dot dot in the lang parameter to 1 home/index.php, 2 asteriskinfo/asteriskinfo.php, 3 repo/repo.php, or 4 endpointcfg/endpointcfg.php in maint/modules/...
CVE-2014-5112
maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacters in the lang parameter...
CVE-2020-7351
An OS Command Injection vulnerability in the endpointdevicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012...
CVE-2020-7351
An OS Command Injection vulnerability in the endpointdevicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012...
Command injection
An OS Command Injection vulnerability in the endpointdevicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012...
CVE-2020-7351
CVE-2020-7351 describes an authenticated OS command injection in Fonality Trixbox Community Edition, affecting the endpoint_devicemap.php component. The vulnerability allows execution of arbitrary OS commands as the user asterisk via the network POST parameter in /maint/modules/endpointcfg/endpoi...
CVE-2020-7351 Fonality Trixbox CE Post-Authentication Command Injection
An OS Command Injection vulnerability in the endpointdevicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012...
CVE-2020-7351
An OS Command Injection vulnerability in the endpointdevicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the “asterisk” user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012...
CVE-2016-2363
Fonality previously trixbox Pro 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command execution by leveraging access to the nobody account...
Fonality Trixbox CE 2.8.0.4 Command Execution
!/usr/bin/perl Title: Fonality trixbox CE remote root exploit Author: Simo Ben youssef Contact: SimoatMorxploitcom Discovered & Coded: 2 June 2014 Published: 17 October 2014 MorXploit Research http://www.MorXploit.com Software: trixbox CE Version: trixbox-2.8.0.4.iso Vendor url:...
Fonality trixbox Multiple Vulnerabilities - Active Check
Fonality trixbox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-5112
maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacters in the lang parameter...
CVE-2014-5110
Cross-site scripting XSS vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject arbitrary web script or HTML via the idnodo parameter...
CVE-2014-5111
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. dot dot in the lang parameter to 1 home/index.php, 2 asteriskinfo/asteriskinfo.php, 3 repo/repo.php, or 4 endpointcfg/endpointcfg.php in maint/modules/...
CVE-2014-5109
SQL injection vulnerability in maint/modules/endpointcfg/endpointgeneric.php in Fonality trixbox allows remote attackers to execute arbitrary SQL commands via the mac parameter in a Submit action...