4 matches found
CVE-2020-7351
An OS Command Injection vulnerability in the endpointdevicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012...
CVE-2020-7351 Fonality Trixbox CE Post-Authentication Command Injection
An OS Command Injection vulnerability in the endpointdevicemap.php component of Fonality Trixbox Community Edition allows an attacker to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsupported by the vendor since 2012...
Fonality Trixbox CE 2.8.0.4 Command Execution
!/usr/bin/perl Title: Fonality trixbox CE remote root exploit Author: Simo Ben youssef Contact: SimoatMorxploitcom Discovered & Coded: 2 June 2014 Published: 17 October 2014 MorXploit Research http://www.MorXploit.com Software: trixbox CE Version: trixbox-2.8.0.4.iso Vendor url:...
Directory traversal
Directory traversal vulnerability in user/index.php in Fonality trixbox CE 2.6.1 and earlier allows remote attackers to include and execute arbitrary files via a .. dot dot in the langChoice parameter...