Known Vulnerabilities for products from Netfortris
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Netfortris".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-7351 json | An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an... | 8.8 - HIGH | 2020-05-01 | 2022-04-18 |
| CVE-2017-14537 json | trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /m... | 6.5 - MEDIUM | 2018-02-16 | 2022-02-19 |
| CVE-2017-14536 json | trixbox 2.8.0.4 has XSS via the PATH_INFO to /maint/index.php or /user/includes/language/langChooser.php. | 5.4 - MEDIUM | 2018-02-16 | 2018-03-06 |
| CVE-2017-14535 json | trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php. | 8.8 - HIGH | 2018-02-16 | 2022-02-19 |
| CVE-2014-5112 json | maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacte... | 7.5 - HIGH | 2014-07-28 | 2022-04-18 |
| CVE-2014-5111 json | Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot... | 5 - MEDIUM | 2014-07-28 | 2022-04-18 |
| CVE-2014-5110 json | Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject ar... | 4.3 - MEDIUM | 2014-07-28 | 2023-01-31 |
| CVE-2014-5109 json | SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote attackers to ... | 7.5 - HIGH | 2014-07-28 | 2023-01-31 |
| CVE-2010-0702 json | SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execut... | 7.5 - HIGH | 2010-02-23 | 2023-01-31 |
| CVE-2007-6424 json | registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands ... | Not Provided | 2007-12-18 | 2026-04-23 |
Known software with vulnerabilities from Netfortris
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Netfortris | Trixbox | 2.8.0.4 |