CVE-2014-5109
Fonality trixbox - SQL Injection via mac Parameter in endpoint_generic.php
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2014-5109. PoCs published by AtT4CKxT3rR0r1ST.
AI-analyzed exploit summary The exploit demonstrates an SQL injection vulnerability in Trixbox's endpoint_generic.php file, allowing an attacker to execute arbitrary SQL queries. The provided URL manipulates the 'mac' parameter to perform a UNION-based SQL injection.
Description
SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote attackers to execute arbitrary SQL commands via the mac parameter in a Submit action.
Exploits (1)
The exploit demonstrates an SQL injection vulnerability in Trixbox's endpoint_generic.php file, allowing an attacker to execute arbitrary SQL queries. The provided URL manipulates the 'mac' parameter to perform a UNION-based SQL injection.