Vulnerabilities > Palosanto
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-03-11 | CVE-2015-1875 | SQL Injection vulnerability in Palosanto Elastix 2.5.0 SQL injection vulnerability in a2billing/customer/iridium_threed.php in Elastix 2.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the transactionID parameter. | 7.5 |
| 2010-04-23 | CVE-2010-1492 | Path Traversal vulnerability in Palosanto Elastix 1.6.0 Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. | 5.0 |