5 matches found
CVE-2025-67736
The FreePBX module tts Text to Speech for FreePBX, an open-source web-based graphical user interface GUI that manages Asterisk. Versions prior to 16.0.5 and 17.0.5 are vulnerable to SQL injection by authenticated users with administrator access. Authenticated users with administrative access to t...
CVE-2025-67736
The CVE-2025-67736 entry concerns the FreePBX tts (Text to Speech) module. Affected versions are prior to 16.0.5 and 17.0.5. The vulnerability is an SQL injection exploitable by authenticated users with administrator access via the Administrator Control Panel (ACP). Successful exploitation can di...
CVE-2025-67736 Authenticated SQL Injection in FreePBX tts (Text To Speech) module
The FreePBX module tts Text to Speech for FreePBX, an open-source web-based graphical user interface GUI that manages Asterisk. Versions prior to 16.0.5 and 17.0.5 are vulnerable to SQL injection by authenticated users with administrator access. Authenticated users with administrative access to t...
CVE-2025-67736 Authenticated SQL Injection in FreePBX tts (Text To Speech) module
The FreePBX module tts Text to Speech for FreePBX, an open-source web-based graphical user interface GUI that manages Asterisk. Versions prior to 16.0.5 and 17.0.5 are vulnerable to SQL injection by authenticated users with administrator access. Authenticated users with administrative access to t...
FreePBX tts SQL注入漏洞
FreePBX tts is a text-to-speech component of FreePBX open source. An SQL injection vulnerability exists in FreePBX tts versions prior to 16.0.5 and prior to 17.0.5, which stems from the presence of an SQL injection issue that could lead to information disclosure and code execution...