Issabel PBX 4.0.0-6 - Directory Listing

An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory id: CVE-2023-37599 info: name: Issabel PBX 4.0.0-6 - Directory Listing author: ritikchaddha severity: high description: | An issue in issabel-pbx v.4.0.0-6 allows a remote attacker...

Issabel Authenticated - Remote Code Execution

A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asteriskcli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may be initiated...

EUVD-2021-20852

Malware in sbrugna...

EUVD-2023-41111

Malicious code in bioql PyPI...

EUVD-2021-33234

Malicious code in bioql PyPI...

EUVD-2023-41480

Malicious code in bioql PyPI...

EUVD-2025-32009

Malicious code in bioql PyPI...

EUVD-2023-41482

Malicious code in bioql PyPI...

EUVD-2023-38880

Malicious code in bioql PyPI...

EUVD-2023-41481

Malicious code in bioql PyPI...

EUVD-2025-32008

Malicious code in bioql PyPI...

EUVD-2023-41109

Malicious code in bioql PyPI...

EUVD-2023-41110

Malicious code in bioql PyPI...

CVE-2025-40648

Stored Cross-Site Scripting XSS vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, through the 'numeroconferencia' parameter in '/index.php?menu=conferencia'...

CVE-2025-40647

Stored Cross-Site Scripting XSS vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, through the 'email' parameter in '/index.php?menu=addressbook'...

CVE-2025-40647

Stored Cross-Site Scripting XSS vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, through the 'email' parameter in '/index.php?menu=addressbook'...

CVE-2025-40648

Stored Cross-Site Scripting XSS vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, through the 'numeroconferencia' parameter in '/index.php?menu=conferencia'...

CVE-2025-40648 Stored Cross-Site Scripting (XSS) vulnerability in Issabel products

Stored Cross-Site Scripting XSS vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, through the 'numeroconferencia' parameter in '/index.php?menu=conferencia'...

CVE-2025-40648 Stored Cross-Site Scripting (XSS) vulnerability in Issabel products

Stored Cross-Site Scripting XSS vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, through the 'numeroconferencia' parameter in '/index.php?menu=conferencia'...

CVE-2025-40648

Issabel v5.0.0 is affected by a Stored Cross-Site Scripting (XSS) vulnerability triggered via the numero_conferencia parameter in /index.php?menu=conferencia. Root cause is insufficient validation of user-supplied data. The issue allows injection of malicious scripts that can be stored and later ...