CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vitalpbx: >> Vitalpbx >> 3.2.3 Security Vulnerabilities

CVE-2023-0480

VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrator's account. This is possible because the application is vulnerable to CSRF.

CVSS Score

8.8

EPSS Score

0.001

Published

2023-04-04

CVE-2023-0486

VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance's administrator account via a malicious link. This is possible because the application is vulnerable to XSS.

CVSS Score

6.1

EPSS Score

0.001

Published

2023-04-04

Page 1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved