CVE-2020-37104

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database...

CVE-2025-49832 Asterisk is Vulnerable to Remote DoS and possible RCE Attacks During Memory Allocation

Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...

CVE-2023-4234

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodesubmitreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...

FreePBX 2.10.0, 2.9.0 - Multiple Vulnerabilities

No description provided by source. Product: FreePBX Version: 2.10.0, 2.9.0 and perhaps earlier versions Type: Remote Command Execution, XSS Release Date: March 14, 2012 Vendor Notification Date: Jun 12, 2011 Author: Martin Tschirsich Overview: A remote command execution vulnerability and some XSS...

FreePBX 2.10.0, 2.9.0 Multiple Vulnerabilities

Exploit for php platform in category web applications Product: FreePBX Version: 2.10.0, 2.9.0 and perhaps earlier versions Type: Remote Command Execution, XSS Release Date: March 14, 2012 Vendor Notification Date: Jun 12, 2011 Author: Martin Tschirsich Overview: A remote command execution...