Vulnerabilities > Vitalpbx

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-04	CVE-2023-0480	Cross-Site Request Forgery (CSRF) vulnerability in Vitalpbx 3.2.3 VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrator's account. network low complexity vitalpbx CWE-352	8.8
2023-04-04	CVE-2023-0486	Cross-site Scripting vulnerability in Vitalpbx 3.2.3 VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance's administrator account via a malicious link. network low complexity vitalpbx CWE-79	6.1
2022-06-24	CVE-2022-29330	Use of Insufficiently Random Values vulnerability in Vitalpbx Missing access control in the backup system of Telesoft VitalPBX before 3.2.1 allows attackers to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors. network low complexity vitalpbx CWE-330	4.9

Vulnerabilities > Vitalpbx {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Vitalpbx"}]}