A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestao_loja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Metrics
Affected Vendors & Products
References
History
Sun, 12 Jul 2026 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestao_loja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | |
| Title | Aster Telecom Azcall HTTP sis.php sql injection | |
| First Time appeared |
Aster Telecom
Aster Telecom azcall |
|
| Weaknesses | CWE-74 CWE-89 |
|
| CPEs | cpe:2.3:a:aster_telecom:azcall:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Aster Telecom
Aster Telecom azcall |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-12T06:00:08.869Z
Reserved: 2026-07-11T10:05:08.167Z
Link: CVE-2026-15482
No data.
No data.
No data.
OpenCVE Enrichment
No data.