PT-2019-14901 · Fusionpbx · Fusionpbx
Name of the Vulnerable Software and Affected Versions: FusionPBX versions prior to 4.5.8 Description: The issue concerns an SQL injection flaw. Specifically, the call broadcast edit.php file uses an unsanitized id variable from the URL in an unparameterized SQL query. This allows for potential SQ...