| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-5110 | 4.3 |
Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject arbitrary web script or HTML via the id_nodo parameter.
|
31-01-2023 - 19:13 | 28-07-2014 - 15:55 | |
| CVE-2014-5109 | 7.5 |
SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote attackers to execute arbitrary SQL commands via the mac parameter in a Submit action.
|
31-01-2023 - 19:13 | 28-07-2014 - 15:55 | |
| CVE-2014-5111 | 5.0 |
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg
|
18-04-2022 - 09:37 | 28-07-2014 - 15:55 | |
| CVE-2014-5112 | 7.5 |
maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacters in the lang parameter.
|
18-04-2022 - 09:37 | 28-07-2014 - 15:55 |