RSS   Podatności dla 'Voipmonitor'   RSS

2022-02-04
 
CVE-2022-24259

CWE-269
 

 
An incorrect check in the component cdr.php of Voipmonitor GUI before v24.96 allows unauthenticated attackers to escalate privileges via a crafted request.

 
 
CVE-2022-24260

CWE-89
 

 
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level.

 
 
CVE-2022-24262

NVD-CWE-noinfo
 

 
The config restore function of Voipmonitor GUI before v24.96 does not properly check files sent as restore archives, allowing remote attackers to execute arbitrary commands via a crafted file in the web root.

 


Copyright 2024, cxsecurity.com

 

Back to Top