13 matches found
FreePBX 2.11.0 - Remote Command Execution
No description provided by source. !/usr/bin/perl use strict; use warnings; use IO::Socket::INET; Exploit Title: FreePBX 2.9,2.10,2.11,12 Remote Command Execution Google Dork: n/a Date: 2/25/14 Exploit Author: @0x00string Vendor Homepage: http://www.freepbx.org/ Software Link:...
FreePBX config.php Remote Code Execution
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...
FreePBX Framework Module view.functions.php Remote Code Execution
Added: 04/03/2014 CVE: CVE-2014-1903 BID: 65509 OSVDB: 103240 Background FreePBX is an open source telephony front-end, which has an easy to use graphical user interface that controls and manages Asterisk. Problem The Framework module of FreePBX is vulnerable to remote code execution as a result ...
FreePBX Framework Module view.functions.php Remote Code Execution
Added: 04/03/2014 CVE: CVE-2014-1903 BID: 65509 OSVDB: 103240 Background FreePBX is an open source telephony front-end, which has an easy to use graphical user interface that controls and manages Asterisk. Problem The Framework module of FreePBX is vulnerable to remote code execution as a result ...
FreePBX Framework模块admin/libraries/view.functions.php远程代码执行漏洞
CVE ID:CVE-2014-1903 FreePBX是开源Web PBX解决方案。 FreePBX admin/libraries/view.functions.php没有限制API处理程序可访问的函数集,这可使远程攻击者通过 admin/config.php 的函数和参数,利用此漏洞执行任意PHP代码。 0 FreePBX 2.9 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice...
FreePBX - 'config.php' Remote Code Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "FreePBX config.php Remote Code Execution", 'Description' = %q This module exploits a vulnerability found in FreePBX version 2.9, 2.10...
FreePBX config.php Remote Code Execution
This module exploits a vulnerability found in FreePBX version 2.9, 2.10, and 2.11. It's possible to inject arbitrary PHP functions and commands in the "/admin/config.php" parameters "function" and "args". This module requires Metasploit: https://metasploit.com/download Current source:...
FreePBX 2.9 - 12 RCE Vulnerability - Active Check
FreePBX is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:freepbx:freepbx"; ...
FreePBX 2.11.0 - Remote Command Execution
FreePBX 2.11.0 - Remote Command Execution !/usr/bin/perl use strict; use warnings; use IO::Socket::INET; Exploit Title: FreePBX 2.9,2.10,2.11,12 Remote Command Execution Google Dork: n/a Date: 2/25/14 Exploit Author: @0x00string Vendor Homepage: http://www.freepbx.org/ Software Link:...
CVE-2014-1903
creationtimestamp| type| source ---|---|--- 2014-03-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32214 2014-03-25 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32512 2018-05-29 15:50:33+00:00| seen|...
FreePBX 2.11.0 - Remote Command Execution
!/usr/bin/perl use strict; use warnings; use IO::Socket::INET; Exploit Title: FreePBX 2.9,2.10,2.11,12 Remote Command Execution Google Dork: n/a Date: 2/25/14 Exploit Author: @0x00string Vendor Homepage: http://www.freepbx.org/ Software Link: http://mirror.freepbx.org/freepbx-2.11.0.tar.gz Versio...
CVE-2014-1903
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args...
CVE-2014-1903
Summary: FreePBX versions 2.9 (before 2.9.0.14), 2.10 (before 2.10.1.15), 2.11 (before 2.11.0.23), and 12 (before 12.0.1alpha22) are vulnerable because admin/libraries/view.functions.php does not restrict the API handler’s function set, enabling remote attackers to execute arbitrary PHP code via ...