731 matches found
CVE-2006-6244
Coalescent Systems freePBX formerly Asterisk Management Portal before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in 1 CALLERIDname or 2 CALLERIDnumber...
CVE-2006-6244
Coalescent Systems freePBX formerly Asterisk Management Portal before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in 1 CALLERIDname or 2 CALLERIDnumber...
CVE-2006-6244
Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 is vulnerable to arbitrary command execution via shell metacharacters in CALLERID(name) or CALLERID(number). Root cause: improper handling of shell metacharacters in these fields. The available sources document this ...
FreePBX < 2.2.1 VoIP Input Validation Vulnerabilities
Binary data 3831.prm...
FreePBX upgrade.php远程文件包含漏洞
FreePBX之前被称为Asterisk Management Portal,是IP电话工具Asterisk的标准化实现,可提供Web配置界面和其他工具。 FreePBX在处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 FreePBX的upgrade.php文件没有正确验证对ampconf参数的输入,允许攻击者通过包含本地或外部任意资源导致执行任意PHP代码。漏洞相关的代码如下: requireonce$ampconf"AMPWEBROOT" . "/admin/functions.inc.php"; Coalescent Systems...
FreePBX VoIP Administrative Interface Detection
Binary data 3802.prm...
freePBX 2.1.3 (upgrade.php) Remote File Include Vulnerability
No description provided by source. Script: freePBX Version: v2.1.3 Script Download: http://puzzle.dl.sourceforge.net/sourceforge/amportal/freepbx-2.1.3.tgz Code: requireonce$ampconf"AMPWEBROOT" . "/admin/functions.inc.php"; Exploit: upgrades/2.1beta1/upgrade.php?ampconfAMPWEBROOT=evilscripts?...
FreePBX 2.1.3 - upgrade.php Remote File Inclusion
FreePBX 2.1.3 - upgrade.php Remote File Inclusion Script: freePBX Version: v2.1.3 Script Download: http://puzzle.dl.sourceforge.net/sourceforge/amportal/freepbx-2.1.3.tgz Code: requireonce$ampconf"AMPWEBROOT" . "/admin/functions.inc.php"; Exploit:...
freePBX 2.1.3 (upgrade.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ============================================================= freePBX 2.1.3 upgrade.php Remote File Include Vulnerability ============================================================= Script: freePBX Version: v2.1.3 Code:...
FreePBX 2.1.3 - 'upgrade.php' Remote File Inclusion
Script: freePBX Version: v2.1.3 Script Download: http://puzzle.dl.sourceforge.net/sourceforge/amportal/freepbx-2.1.3.tgz Code: requireonce$ampconf"AMPWEBROOT" . "/admin/functions.inc.php"; Exploit: upgrades/2.1beta1/upgrade.php?ampconfAMPWEBROOT=evilscripts? Found: Cyber-Security Thanks: DJR,...
CVE-2023-26566
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface ARI, which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API...