A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestao_loja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Metrics
Affected Vendors & Products
References
History
Mon, 13 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 12 Jul 2026 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestao_loja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | |
| Title | Aster Telecom Azcall HTTP sis.php sql injection | |
| First Time appeared |
Aster Telecom
Aster Telecom azcall |
|
| Weaknesses | CWE-74 CWE-89 |
|
| CPEs | cpe:2.3:a:aster_telecom:azcall:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Aster Telecom
Aster Telecom azcall |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2026-07-12T06:00:08.869Z
Updated: 2026-07-13T15:46:00.864Z
Reserved: 2026-07-11T10:05:08.167Z
Link: CVE-2026-15482
Updated: 2026-07-13T15:45:50.803Z
No data.
No data.