Shodan
Vulnerabilities
Vulnerable Software
Vitalpbx:  >> Vitalpbx  >> 3.2.3  Security Vulnerabilities
CVE-2024-24386
An issue in VitalPBX v.3.2.4-5 allows an attacker to execute arbitrary code via a crafted payload to the /var/lib/vitalpbx/scripts folder.
CVSS Score
7.2
EPSS Score
0.01
Published
2024-02-15
CVE-2023-0480
VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrator's account. This is possible because the application is vulnerable to CSRF.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-04-04
CVE-2023-0486
VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance's administrator account via a malicious link. This is possible because the application is vulnerable to XSS.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-04-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved