| Max CVSS | 6.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-4467 | 6.5 |
Multiple SQL injection vulnerabilities in the agent interface (agc/) in VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allow (1) remote attackers to execute arbitrary SQL commands via the campaign variable in SCRIPT_mult
|
20-05-2014 - 04:06 | 11-03-2014 - 19:37 | |
| CVE-2013-7382 | 5.0 |
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the (1) VDAD and (2) VDCL users, which makes it easier for remote attackers to obtain access.
|
19-05-2014 - 15:46 | 17-05-2014 - 19:55 | |
| CVE-2013-4468 | 6.5 |
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in the extension parameter in an OriginateVDRelogin action to manager_send.php. Per:
|
15-05-2014 - 13:16 | 14-05-2014 - 19:55 |