Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trixbox trixbox vulnerabilities and exploits
(subscribe to this query)
695
VMScore
CVE-2008-6825
Directory traversal vulnerability in user/index.php in Fonality trixbox CE 2.6.1 and previous versions allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the langChoice parameter.
Trixbox Trixbox 2.4.2.0
Trixbox Trixbox 2.0
Trixbox Trixbox
3 EDB exploits
440
VMScore
CVE-2008-0540
Multiple cross-site scripting (XSS) vulnerabilities in trixbox 2.4.2.0 allow remote malicious users to inject arbitrary web script or HTML via the query string to index.php in (1) user/ or (2) maint/.
Trixbox Trixbox 2.4.2.0
2 EDB exploits
755
VMScore
CVE-2014-5112
maint/modules/home/index.php in Fonality trixbox allows remote malicious users to execute arbitrary commands via shell metacharacters in the lang parameter.
Netfortris Trixbox -
1 EDB exploit
755
VMScore
CVE-2014-5109
SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote malicious users to execute arbitrary SQL commands via the mac parameter in a Submit action.
Netfortris Trixbox -
1 EDB exploit
383
VMScore
CVE-2014-5110
Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows remote malicious users to inject arbitrary web script or HTML via the id_nodo parameter.
Netfortris Trixbox -
520
VMScore
CVE-2014-5111
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote malicious users to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in main...
Netfortris Trixbox -
4 EDB exploits
801
VMScore
CVE-2020-7351
An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an malicious user to execute commands on the underlying operating system as the "asterisk" user. Note that Trixbox Community Edition has been unsup...
Netfortris Trixbox
755
VMScore
CVE-2010-0702
SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Netfortris Trixbox 2.2.4
1 EDB exploit
802
VMScore
CVE-2017-14535
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php.
Netfortris Trixbox 2.8.0.4
312
VMScore
CVE-2017-14536
trixbox 2.8.0.4 has XSS via the PATH_INFO to /maint/index.php or /user/includes/language/langChooser.php.
Netfortris Trixbox 2.8.0.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »