MEDIUM
Aster Telecom
CVE published 2026-07-12
CVE-2026-15482
A SQL injection vulnerability has been identified in Aster Telecom Azcall 10/11, affecting some unknown processing of the file /azcall/adm/gestao_loja/sis.php?t=consultar of the HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to SQL injection. The attack may be performed remotely. This issue has been made public and could be used for attacks. However, the vendor did not [truncated]