14 matches found
EUVD-2019-7443
Malware in sbrugna...
EUVD-2025-26874
Malicious code in bioql PyPI...
CVE-2025-55209
contactmanager is a module for FreePBX@, which is an open source GUI that controls and manages Asterisk© PBX. In versions 15.0.14 and below, 16.0.0 through 16.0.26.4 and 17.0.0 through 17.0.5, a stored cross-site scripting XSS vulnerability in FreePBX allows a low-privileged User Control Panel UC...
CVE-2025-55209
contactmanager is a module for FreePBX@, which is an open source GUI that controls and manages Asterisk© PBX. In versions 15.0.14 and below, 16.0.0 through 16.0.26.4 and 17.0.0 through 17.0.5, a stored cross-site scripting XSS vulnerability in FreePBX allows a low-privileged User Control Panel UC...
CVE-2025-55209
contactmanager is a module for FreePBX@, which is an open source GUI that controls and manages Asterisk© PBX. In versions 15.0.14 and below, 16.0.0 through 16.0.26.4 and 17.0.0 through 17.0.5, a stored cross-site scripting XSS vulnerability in FreePBX allows a low-privileged User Control Panel UC...
CVE-2025-55209 FreePBX UCP is Vulnerable to Stored XSS Through its User Control Panel
contactmanager is a module for FreePBX@, which is an open source GUI that controls and manages Asterisk© PBX. In versions 15.0.14 and below, 16.0.0 through 16.0.26.4 and 17.0.0 through 17.0.5, a stored cross-site scripting XSS vulnerability in FreePBX allows a low-privileged User Control Panel UC...
FreePBX 跨站脚本漏洞
FreePBX formerly known as Asterisk Management Portal is a set of tools for configuring Asterisk IP telephony system via a GUI web-based graphical interface from the FreePBX project. A cross-site scripting vulnerability exists in FreePBX contactmanager, which stems from a stored cross-site scripti...
CVE-2019-16966
An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class html\admin\modules\contactmanager\Contactmanager.class.php, an unsanitized group variable coming from the URL is reflected in HTML o...
FreePBX Contactmanager Cross-Site Scripting Vulnerability
FreePBX formerly known as Asterisk Management Portal is the FreePBX project's set of tools for configuring Asterisk IP telephony system through a GUI web-based graphical interface. contactmanager is one of the contact management components used in it. A cross-site scripting vulnerability exists i...
CVE-2019-16966
An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class html\admin\modules\contactmanager\Contactmanager.class.php, an unsanitized group variable coming from the URL is reflected in HTML o...
CVE-2019-16966
An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class html\admin\modules\contactmanager\Contactmanager.class.php, an unsanitized group variable coming from the URL is reflected in HTML o...
Cross site scripting
An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class html\admin\modules\contactmanager\Contactmanager.class.php, an unsanitized group variable coming from the URL is reflected in HTML o...
CVE-2019-16966
An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class html\admin\modules\contactmanager\Contactmanager.class.php, an unsanitized group variable coming from the URL is reflected in HTML o...
CVE-2019-16966
CVE-2019-16966 affects FreePBX Contactmanager components prior to specific fixed versions: Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21. The vulnerability arises from an unsanitized group variable from the URL reflected in HTML in two places within Contac...