Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

GOautodial API Security Vulnerabilities

cve
cve

CVE-2021-43176

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied β€œaction” parameter and appends a .php file extension to locate and load the correct PHP file to implement the API call. Vulnerable versions of GOautodial do not sanitize the user input that specifies the...

8.8CVSS

7.8AI Score

0.002EPSS

2021-12-07 06:15 PM
20
4
cve
cve

CVE-2021-43175

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that accepts a username, password, and action that routes to other PHP files that implement the various API functions. Vulnerable versions of GOautodial validate the username and password incorrectly,...

7.5CVSS

8.3AI Score

0.002EPSS

2021-12-07 06:15 PM
22
2