Exploit for SQL Injection in Sangoma Freepbx

🗓️ 18 Jun 2026 22:39:35Reported by ozcanpngType

githubexploit

githubexploit🔗 github.com👁 44 Views

Unauthenticated SQLi in FreePBX endpoint enables cron webshell and root access via incron.

Reporter	Title	Published	Views	Family All 40
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx	8 Sep 202515:28	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx	7 Jun 202600:54	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx	8 Jun 202610:22	–	githubexploit
GithubExploit	Exploit for CVE-2025-57819	29 Aug 202511:59	–	githubexploit
GithubExploit	Exploit for SQL Injection in Sangoma Freepbx	4 Sep 202503:21	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx	18 Sep 202520:38	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx	12 Sep 202517:53	–	githubexploit
GithubExploit	Exploit for SQL Injection in Sangoma Freepbx	19 Jun 202619:01	–	githubexploit
GithubExploit	Exploit for CVE-2025-57819	1 Sep 202516:29	–	githubexploit
GithubExploit	Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx	6 Jun 202620:13	–	githubexploit

18 Jun 2026 22:45Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.19.8

CVSS 410

EPSS0.93286

SSVC

FreePBX endpoint module sql injection cron job webshell incron root access remote code execution