2 matches found
PT-2022-25071 · Unknown · Callbgprovider
Name of the Vulnerable Software and Affected Versions: CallBGProvider versions prior to SMR Nov-2022 Release 1 Description: The issue is related to an improper authorization vulnerability. It allows a local attacker to grant permission for accessing information with phone uid. Recommendations: Fo...
CVE-2008-1250
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the central phone server for the Snom 320 SIP Phone allow remote attackers to perform actions as the phone user, as demonstrated by inserting an address-book entry containing an XSS sequence...