Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vitalpbx vitalpbx vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-0480
VitalPBX version 3.2.3-8 allows an unauthenticated external malicious user to obtain the instance administrator's account. This is possible because the application is vulnerable to CSRF.
Vitalpbx Vitalpbx 3.2.3
6.1
CVSSv3
CVE-2023-0486
VitalPBX version 3.2.3-8 allows an unauthenticated external malicious user to obtain the instance's administrator account via a malicious link. This is possible because the application is vulnerable to XSS.
Vitalpbx Vitalpbx 3.2.3
4.9
CVSSv3
CVE-2022-29330
Missing access control in the backup system of Telesoft VitalPBX prior to 3.2.1 allows malicious users to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors.
Vitalpbx Vitalpbx
NA
CVE-2024-24386
An issue in VitalPBX v.3.2.4-5 allows an malicious user to execute arbitrary code via a crafted payload to the /var/lib/vitalpbx/scripts folder.
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started