Lucene search
K

13 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

FreePBX 2.11.0 - Remote Command Execution

No description provided by source. !/usr/bin/perl use strict; use warnings; use IO::Socket::INET; Exploit Title: FreePBX 2.9,2.10,2.11,12 Remote Command Execution Google Dork: n/a Date: 2/25/14 Exploit Author: @0x00string Vendor Homepage: http://www.freepbx.org/ Software Link:...

7.5CVSS6.5AI score0.52186EPSS
Exploits12
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

FreePBX config.php Remote Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...

7.1AI score
Exploits0
Saint
Saint
added 2014/04/03 12:0 a.m.38 views

FreePBX Framework Module view.functions.php Remote Code Execution

Added: 04/03/2014 CVE: CVE-2014-1903 BID: 65509 OSVDB: 103240 Background FreePBX is an open source telephony front-end, which has an easy to use graphical user interface that controls and manages Asterisk. Problem The Framework module of FreePBX is vulnerable to remote code execution as a result ...

7.5CVSS7AI score0.52186EPSS
Exploits12
Saint
Saint
added 2014/04/03 12:0 a.m.46 views

FreePBX Framework Module view.functions.php Remote Code Execution

Added: 04/03/2014 CVE: CVE-2014-1903 BID: 65509 OSVDB: 103240 Background FreePBX is an open source telephony front-end, which has an easy to use graphical user interface that controls and manages Asterisk. Problem The Framework module of FreePBX is vulnerable to remote code execution as a result ...

7.5CVSS7AI score0.52186EPSS
Exploits12
seebug.org
seebug.org
added 2014/04/01 12:0 a.m.46 views

FreePBX Framework模块admin/libraries/view.functions.php远程代码执行漏洞

CVE ID:CVE-2014-1903 FreePBX是开源Web PBX解决方案。 FreePBX admin/libraries/view.functions.php没有限制API处理程序可访问的函数集,这可使远程攻击者通过 admin/config.php 的函数和参数,利用此漏洞执行任意PHP代码。 0 FreePBX 2.9 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice...

7.5CVSS6.4AI score0.52186EPSS
Exploits12
Exploit DB
Exploit DB
added 2014/03/25 12:0 a.m.80 views

FreePBX - 'config.php' Remote Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "FreePBX config.php Remote Code Execution", 'Description' = %q This module exploits a vulnerability found in FreePBX version 2.9, 2.10...

7.5CVSS7.4AI score0.52186EPSS
Exploits12
Metasploit
Metasploit
added 2014/03/21 3:29 a.m.63 views

FreePBX config.php Remote Code Execution

This module exploits a vulnerability found in FreePBX version 2.9, 2.10, and 2.11. It's possible to inject arbitrary PHP functions and commands in the "/admin/config.php" parameters "function" and "args". This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS7.2AI score0.52186EPSS
Exploits12
OpenVAS
OpenVAS
added 2014/03/14 12:0 a.m.33 views

FreePBX 2.9 - 12 RCE Vulnerability - Active Check

FreePBX is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:freepbx:freepbx"; ...

7.5CVSS7.2AI score0.52186EPSS
Exploits12References1
exploitpack
exploitpack
added 2014/03/12 12:0 a.m.32 views

FreePBX 2.11.0 - Remote Command Execution

FreePBX 2.11.0 - Remote Command Execution !/usr/bin/perl use strict; use warnings; use IO::Socket::INET; Exploit Title: FreePBX 2.9,2.10,2.11,12 Remote Command Execution Google Dork: n/a Date: 2/25/14 Exploit Author: @0x00string Vendor Homepage: http://www.freepbx.org/ Software Link:...

7.5CVSS6.7AI score0.52186EPSS
Exploits12
Circl
Circl
added 2014/03/12 12:0 a.m.10 views

CVE-2014-1903

creationtimestamp| type| source ---|---|--- 2014-03-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32214 2014-03-25 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32512 2018-05-29 15:50:33+00:00| seen|...

7.5CVSS5.7AI score0.52186EPSS
Exploits12References3
Exploit DB
Exploit DB
added 2014/03/12 12:0 a.m.91 views

FreePBX 2.11.0 - Remote Command Execution

!/usr/bin/perl use strict; use warnings; use IO::Socket::INET; Exploit Title: FreePBX 2.9,2.10,2.11,12 Remote Command Execution Google Dork: n/a Date: 2/25/14 Exploit Author: @0x00string Vendor Homepage: http://www.freepbx.org/ Software Link: http://mirror.freepbx.org/freepbx-2.11.0.tar.gz Versio...

7.5CVSS6.7AI score0.52186EPSS
Exploits12
NVD
NVD
added 2014/02/18 11:55 a.m.24 views

CVE-2014-1903

admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args...

7.5CVSS7.4AI score0.52186EPSS
Exploits12References12
CVE
CVE
added 2014/02/18 11:0 a.m.85 views

CVE-2014-1903

Summary: FreePBX versions 2.9 (before 2.9.0.14), 2.10 (before 2.10.1.15), 2.11 (before 2.11.0.23), and 12 (before 12.0.1alpha22) are vulnerable because admin/libraries/view.functions.php does not restrict the API handler’s function set, enabling remote attackers to execute arbitrary PHP code via ...

7.5CVSS7.5AI score0.52186EPSS
Exploits12References12Affected Software2
Rows per page
Query Builder