Lucene search
PRIOn knowledge basePRION:CVE-2019-16990HistoryOct 21, 2019 - 3:15 p.m.
Design/Logic Flaw
2019-10-2115:15:00
PRIOn knowledge base
www.prio-n.com
4
In FusionPBX up to v4.5.7, the file app/music_on_hold/music_on_hold.php uses an unsanitized βfileβ variable coming from the URL, which takes any pathname (base64 encoded) and allows a download of it.
Related
cve
cve
CVE-2019-16990
2019-10-21 15:15:10
nvd
nvd
CVE-2019-16990
2019-10-21 15:15:10
cvelist
cvelist
CVE-2019-16990
2019-10-21 14:20:53