All 7 CVE vulnerabilities found in VICIdial, with AI-generated Chinese analysis, references, and POCs.
Vendor: VICIdial
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-34099 | VICIdial vicidial_sales_viewer.php Unauthenticated Command Injection via Basic Auth Password CWE-78 | 9.8AI | CriticalAI | 2025-07-10 |
| CVE-2024-8504 | VICIdial Authenticated Remote Code Execution CWE-78 | 8.8AI | HighAI | 2024-09-10 |
| CVE-2024-8503 | VICIdial Unauthenticated SQL Injection CWE-89 | 7.5AI | HighAI | 2024-09-10 |
| CVE-2022-34879 | VICIDial 2.14b0.5 SVN 3550 was discovered to contain multiple Cross Site Scripting (XSS) vulnerabilities at /vicidial/admin.php. CWE-79 | 6.5 | Medium | 2022-07-05 |
| CVE-2022-34878 | VICIDial 2.14b0.5 SVN 3550 was discovered to contain a SQL injection vulnerability at /vicidial/user_stats.php. CWE-89 | 5.5 | Medium | 2022-07-05 |
| CVE-2022-34877 | VICIDial 2.14b0.5 SVN 3550 was discovered to contains a SQL injection vulnerability at /vicidial/AST_agent_time_sheet.php. CWE-89 | 6.4 | Medium | 2022-07-05 |
| CVE-2022-34876 | VICIDial 2.14b0.5 SVN 3550 was discovered to contain multiple SQL injection vulnerability at /vicidial/admin.php. CWE-89 | 5.5 | Medium | 2022-07-05 |
All 7 known CVE vulnerabilities affecting VICIdial with full Chinese analysis, references, and POCs where available.