SQL Injection in Netfortris Trixbox

CVE-2014-5109

SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote attackers to execute arbitrary SQL commands via the mac parameter in a Submit action.

Vulnerability class: SQL Injection

EPSS: 0.002 (40.0th percentile) — read the EPSS interpretation.