Known Vulnerabilities for products from Netfortris
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Netfortris".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-7351 | An OS Command Injection vulnerability in the endpoint_devicemap.php component of Fonality Trixbox Community Edition allows an... | 8.8 - HIGH | 2020-05-01 | 2022-04-18 |
| CVE-2017-14537 | trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /m... | 6.5 - MEDIUM | 2018-02-16 | 2022-02-19 |
| CVE-2017-14536 | trixbox 2.8.0.4 has XSS via the PATH_INFO to /maint/index.php or /user/includes/language/langChooser.php. | 5.4 - MEDIUM | 2018-02-16 | 2018-03-06 |
| CVE-2017-14535 | trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php. | 8.8 - HIGH | 2018-02-16 | 2022-02-19 |
| CVE-2014-5112 | maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacte... | 7.5 - HIGH | 2014-07-28 | 2022-04-18 |
| CVE-2014-5111 | Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot... | 5 - MEDIUM | 2014-07-28 | 2022-04-18 |
| CVE-2014-5110 | Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject ar... | 4.3 - MEDIUM | 2014-07-28 | 2023-01-31 |
| CVE-2014-5109 | SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote attackers to ... | 7.5 - HIGH | 2014-07-28 | 2023-01-31 |
| CVE-2010-0702 | SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execut... | 7.5 - HIGH | 2010-02-23 | 2023-01-31 |
| CVE-2007-6424 | registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands ... | 4.3 - MEDIUM | 2007-12-18 | 2022-04-18 |
Known software with vulnerabilities from Netfortris
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Netfortris | Trixbox | 2.8.0.4 |