Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
issabel pbx 4.0.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-0986
A vulnerability was found in Issabel PBX 4.0.0. It has been rated as critical. This issue affects some unknown processing of the file /index.php?menu=asterisk_cli of the component Asterisk-Cli. The manipulation of the argument Command leads to os command injection. The attack may...
Issabel Pbx 4.0.0
8.1
CVSSv3
CVE-2023-37596
Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote malicious user to cause a denial of service via a crafted script to the deleteuser function.
Issabel Pbx 4.0.0-6
1 Github repository
8.1
CVSSv3
CVE-2023-37597
Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote malicious user to cause a denial of service via the delete user grouplist function.
Issabel Pbx 4.0.0-6
1 Github repository
7.5
CVSSv3
CVE-2023-37599
An issue in issabel-pbx v.4.0.0-6 allows a remote malicious user to obtain sensitive information via the modules directory
Issabel Pbx 4.0.0-6
1 Github repository
6.8
CVSSv3
CVE-2023-34839
A Cross Site Request Forgery (CSRF) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote malicious user to gain privileges via a Custom CSRF exploit to create new user function in the application.
Issabel Pbx 4.0.0-6
1 Github repository
4.8
CVSSv3
CVE-2023-37190
A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature.
Issabel Pbx 4.0.0-6
1 Github repository
4.8
CVSSv3
CVE-2023-37191
A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Group and Description parameters.
Issabel Pbx 4.0.0-6
1 Github repository
4.5
CVSSv3
CVE-2023-37598
A Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote malicious user to cause a denial of service via the delete new virtual fax function.
Issabel Pbx 4.0.0-6
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started