← Back

Iptel

iptel

5 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Serweb
serweb
4 CVEs
Sip Express Router
sip_express_router
1 CVE

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2007-6290
1Iptel
1Serweb
Apr 23, 2026
Dec 10, 2007
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters.
CVE-2007-6289
1Iptel
1Serweb
Apr 23, 2026
Dec 10, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SERWEB[configdir] parameter to load_lang.php, (2) _SERWEB[fun...Show more
Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) _SERWEB[configdir] parameter to load_lang.php, (2) _SERWEB[functionsdir] parameter to main_prepend.php, and the (3) _PHPLIB[libdir] parameter to load_phplib.php, different vectors than CVE-2007-3359 and CVE-2007-3358.Show less
CVE-2007-3359
1Iptel
1Serweb
Apr 23, 2026
Jun 22, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter to (1) html/load_apu.php or (2) html/mail_...Show more
Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter to (1) html/load_apu.php or (2) html/mail_prepend.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2007-3358
1Iptel
1Serweb
Apr 23, 2026
Jun 22, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
PHP remote file inclusion vulnerability in html/load_lang.php in SerWeb 0.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter.
CVE-2003-1113
1Iptel
1Sip Express Router
Apr 16, 2026
Dec 31, 2003
N/A· v4
N/A· v3
7.5 HIGH· v2
The Session Initiation Protocol (SIP) implementation in IPTel SIP Express Router 0.8.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as...Show more
The Session Initiation Protocol (SIP) implementation in IPTel SIP Express Router 0.8.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.Show less