Lucene search
MitreCVELIST:CVE-2019-11408HistoryJun 17, 2019 - 5:59 p.m.
CVE-2019-11408
2019-06-1717:59:30
mitre
www.cve.org
XSS in app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 allows remote unauthenticated attackers to inject arbitrary JavaScript characters by placing a phone call using a specially crafted caller ID number. This can further lead to remote code execution by chaining this vulnerability with a command injection vulnerability also present in FusionPBX.
Related
cve
cve
CVE-2019-11408
2019-06-17 18:15:10
prion
prion
Command injection
2019-06-17 18:15:00
nvd
nvd
CVE-2019-11408
2019-06-17 18:15:10
exploitdb
exploitdb
FusionPBX 4.4.3 - Remote Command Execution
2019-06-12 00:00:00
exploitpack
exploitpack
FusionPBX 4.4.3 - Remote Command Execution
2019-06-12 00:00:00
packetstorm
packetstorm
FusionPBX 4.4.3 Remote Command Execution
2019-06-12 00:00:00