Filtered by vendor Xorcom
Subscriptions
Filtered by product Completepbx
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2292 | 1 Xorcom | 1 Completepbx | 2025-09-23 | 4.9 Medium |
| Xorcom CompletePBX is vulnerable to an authenticated path traversal, allowing for arbitrary file reads via the Backup and Restore functionality.This issue affects CompletePBX: through 5.2.35. | ||||
| CVE-2025-30004 | 1 Xorcom | 1 Completepbx | 2025-09-23 | 9.1 Critical |
| Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35 | ||||
| CVE-2025-30005 | 1 Xorcom | 1 Completepbx | 2025-09-23 | 6.7 Medium |
| Xorcom CompletePBX is vulnerable to a path traversal via the Diagnostics reporting module, which will allow reading of arbitrary files and additionally delete any retrieved file in place of the expected report. This issue affects CompletePBX: all versions up to and prior to 5.2.35 | ||||
Page 1 of 1.