mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-01 02:41:46 +02:00
0xMarcio
965 B
965 B
CVE-2025-2494
Description
Unrestricted file upload to Softdial Contact Center of Sytel Ltd. This vulnerability could allow an attacker to upload files to the server via the ‘/softdial/phpconsole/upload.php’ endpoint, which is protected by basic HTTP authentication. The files are uploaded to a directory exposed by the web application, which could result in code execution, giving the attacker full control over the server.
POC
Reference
No PoCs from references.