Total
51 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-16971 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
In FusionPBX up to 4.5.7, the file app\messages\messages_thread.php uses an unsanitized "contact_uuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS. | |||||
CVE-2019-16970 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
In FusionPBX up to 4.5.7, the file app\sip_status\sip_status.php uses an unsanitized "savemsg" variable coming from the URL, which is reflected in HTML, leading to XSS. | |||||
CVE-2019-16969 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
In FusionPBX up to 4.5.7, the file app\fifo_list\fifo_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS. | |||||
CVE-2019-16968 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in FusionPBX up to 4.5.7. In the file app\conference_controls\conference_control_details.php, an unsanitized id variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS. | |||||
CVE-2019-16965 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data. | |||||
CVE-2019-16964 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers (with at least the permission call_center_queue_add or call_center_queue_edit) to execute any commands on the host as www-data. | |||||
CVE-2019-15029 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service_edit.php file (which will insert the malicious command into the database). To trigger the command, one needs to call the services.php file via a GET request with the service id followed by the parameter a=start to execute the stored command. | |||||
CVE-2019-11410 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
app/backup/index.php in the Backup Module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute commands on the host. | |||||
CVE-2019-11409 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation that allows authenticated non-administrative attackers to execute commands on the host. This can further lead to remote code execution when combined with an XSS vulnerability also present in the FusionPBX Operator Panel module. | |||||
CVE-2019-11408 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
XSS in app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 allows remote unauthenticated attackers to inject arbitrary JavaScript characters by placing a phone call using a specially crafted caller ID number. This can further lead to remote code execution by chaining this vulnerability with a command injection vulnerability also present in FusionPBX. | |||||
CVE-2019-11407 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 4.0 MEDIUM | 7.2 HIGH |
app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 suffers from an information disclosure vulnerability due to excessive debug information, which allows authenticated administrative attackers to obtain credentials and other sensitive information. |