Lucene search
K

45 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-9444

Malware in sbrugna...

4.8CVSS5.2AI score0.00534EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-9156

Malware in sbrugna...

7.2CVSS7AI score0.0313EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2019-8659

Malware in sbrugna...

9.8CVSS9.3AI score0.36615EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-9170

Malware in sbrugna...

4.8CVSS5.2AI score0.00552EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-3110

Malware in sbrugna...

9.8CVSS9.4AI score0.02237EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-9445

Malware in sbrugna...

4.8CVSS5.2AI score0.00557EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-9169

Malware in sbrugna...

4.8CVSS5.2AI score0.00552EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-30361

Malicious code in bioql PyPI...

8.6CVSS6.6AI score0.00712EPSS
Exploits0References1
CISA
CISA
added 2025/08/29 12:0 p.m.9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-57819link is external Sangoma FreePBX Authentication Bypass Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors a...

10CVSS7AI score0.93286EPSS
In wildExploits21References6
RedhatCVE
RedhatCVE
added 2025/05/23 3:29 a.m.8 views

CVE-2023-26567

Sangoma FreePBX 1805 through 2302 when obtained as a ,.ISO file places AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the list of global variables. This exposes cleartext authentication credentials for the Asterisk Database MariaDB/MySQL and Asterisk Manager Interface. For example, an attack...

8.1CVSS7.2AI score0.00649EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:46 p.m.14 views

CVE-2020-10666

The restapps aka Rest Phone apps module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command...

9.8CVSS7.9AI score0.02237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.6 views

CVE-2019-19852

An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Call Event Logging report screen in the cel module at the admin/config.php?display=cel URI via date fields. This affects cel through 13.0.26.9, 14.x through 14.0.2.14, and 15.x through 15.0.15.4...

4.8CVSS6.4AI score0.00557EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.8 views

CVE-2019-19551

In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. An attacker with access to the User Control Panel application can submit malicious values in some of the time/date formatting and time-zone fields. These fields are no...

4.8CVSS6.1AI score0.00552EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 a.m.8 views

CVE-2019-19851

An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20...

4.8CVSS6.4AI score0.00534EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:28 a.m.10 views

CVE-2019-19538

In Sangoma FreePBX 13 through 15 and sysadmin aka System Admin 13.0.92 through 15.0.13.6 modules have a Remote Command Execution vulnerability that results in Privilege Escalation...

7.2CVSS7.3AI score0.0313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:26 a.m.7 views

CVE-2019-19552

In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. An attacker with sufficient privileges can edit the Display Name of a user and embed malicious XSS code. When another...

4.8CVSS6.2AI score0.00552EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:51 a.m.3 views

CVE-2019-19006

Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control...

9.8CVSS7AI score0.36615EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/14 9:47 a.m.21 views

CVE-2023-26566

Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface ARI, which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API...

8.6CVSS7.1AI score0.00712EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 12:39 p.m.13 views

CVE-2023-26566

Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface ARI, which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API...

8.6CVSS6.8AI score0.00712EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/10 4:14 p.m.37 views

CVE-2023-26566

Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface ARI, which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API...

7AI score0.00712EPSS
Exploits0References1
Rows per page
Query Builder