Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-26150 | 1 Logaritmo | 1 Aware Callmanager | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
info.php in Logaritmo Aware CallManager 2012 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. | |||||
CVE-2019-20385 | 1 Logaritmo | 1 Aware Callmanager | 2020-01-29 | 6.5 MEDIUM | 8.8 HIGH |
The CSV upload feature in /supervisor/procesa_carga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/* content type. The PHP code can then be executed by visiting a /supervisor/csv/ URI. |