2 matches found
CVE-2009-1801
Multiple cross-site scripting XSS vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the 1 display parameter to reports.php, the 2 order and 3 extdisplay parameters to config.php, and the 4 so...
CVE-2009-1801
The CVE-2009-1801 entry describes multiple XSS vulnerabilities in FreePBX releases: 2.5.1 and other 2.4.x, 2.5.x, and pre-release 2.6.x. The flaws allow remote attackers to inject arbitrary web script or HTML via specific parameters: (1) display in reports.php, (2) order and (3) extdisplay in con...