Known Vulnerabilities for products from Fonality
Listed below are 8 of the newest known vulnerabilities associated with the vendor "Fonality".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2016-2364 json | The Chrome HUDweb plugin before 2016-05-05 for Fonality (previously trixbox Pro) 12.6 through 14.1i uses the same hardcoded p... | 7.5 - HIGH | 2016-06-20 | 2016-06-21 |
| CVE-2016-2363 json | Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun scrip... | 7.8 - HIGH | 2016-06-20 | 2016-06-21 |
| CVE-2016-2362 json | Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 has a hardcoded password for the FTP account, which al... | 9.8 - CRITICAL | 2016-06-20 | 2016-06-21 |
| CVE-2014-5112 json | maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacte... | 7.5 - HIGH | 2014-07-28 | 2022-04-18 |
| CVE-2014-5111 json | Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot... | 5 - MEDIUM | 2014-07-28 | 2022-04-18 |
| CVE-2014-5110 json | Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject ar... | 4.3 - MEDIUM | 2014-07-28 | 2023-01-31 |
| CVE-2014-5109 json | SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote attackers to ... | 7.5 - HIGH | 2014-07-28 | 2023-01-31 |
| CVE-2010-0702 json | SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execut... | 7.5 - HIGH | 2010-02-23 | 2023-01-31 |