VICIDIAL 'manager_send.php' CVE-2013-4468 Command Injection Vulnerability
VICIDIAL is prone to a command-injection vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary commands in the context of the affected application.
Note: The issue described by CVE-2013-4467 has been moved to BID 63340 (VICIDIAL 'manager_send.php' CVE-2013-4467 SQL Injection Vulnerability) for better documentation.
VICIDIAL 2.7RC1, 2.7 and 2.8-403a are vulnerable; other versions may also be affected.