3CX Phone System VAD_Deploy.aspx Arbitrary File Upload
An arbitrary file upload vulnerability exists in 3CX VoIP Phone System Manager. The vulnerability is due to failure to restrict file uploads in VADDeploy.aspx. A remote unauthenticated attacker can exploit this vulnerability by sending maliciously crafted requests to the target server...