Lucene search
+L

4 matches found

Vulnrichment
Vulnrichment
added 5 hours ago5 views

CVE-2026-9586 Unauthenticated SQL Injection Leading to Remote Code Execution in Switchvox SMB

An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...

9.3CVSS6.7AI score
Exploits0References2
Cvelist
Cvelist
added 5 hours ago8 views

CVE-2026-9586 Unauthenticated SQL Injection Leading to Remote Code Execution in Switchvox SMB

An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...

9.3CVSS
Exploits0References2
CVE
CVE
added 5 hours ago6 views

CVE-2026-9586

CVE-2026-9586 describes an unauthenticated SQL injection in Sangoma Switchvox SMB Edition 8.3. The vulnerable component is the /pa endpoint, which processes XML beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries, enabling arbitrary SQL execution an...

9.3CVSS6.7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 21 hours ago3 views

PT-2026-60810

An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...

9.3CVSS6.6AI score
Exploits0References2
Rows per page
Query Builder