7 matches found
CVE-2014-7235
creationtimestamp| type| source ---|---|--- 2020-11-05 16:55:13+00:00| seen| MISP/9fbd6001-b34c-4886-8240-d3e93a433faf 2020-11-05 19:44:38+00:00| seen| MISP/77f74cbc-dd0e-4c6e-a9c4-f15e1a87c0f9 2020-11-05 19:44:38+00:00| seen| MISP/d60bbf52-1b06-4ddd-b894-c1da7f68f083 2020-11-05 19:44:39+00:00|...
Freepbx 2.11.1.5 - Remote Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title: Freepbx coockie recordings injection Google Dork: Ask Santa Date: 23/12/2016 Exploit Author: inj3ctor3 Vendor Homepage: https://www.freepbx.org/ Software Link: ISO LINKS IN SITE https://www.freepbx.org/ Version: ALL && unpatched...
FreePBX Remote Code Execution
Exploit Title: Freepbx coockie recordings injection Google Dork: Ask Santa Date: 23/12/2016 Exploit Author: inj3ctor3 Vendor Homepage: https://www.freepbx.org/ Software Link: ISO LINKS IN SITE https://www.freepbx.org/ Version: ALL && unpatched/ Trixbox/freepbx/elastix/pbxinflash/ Tested on: Cento...
Freepbx < 2.11.1.5 - Remote Code Execution
Exploit Title: Freepbx coockie recordings injection Google Dork: Ask Santa Date: 23/12/2016 Exploit Author: inj3ctor3 Vendor Homepage: https://www.freepbx.org/ Software Link: ISO LINKS IN SITE https://www.freepbx.org/ Version: ALL && unpatched/ Trixbox/freepbx/elastix/pbxinflash/ Tested on: Cento...
Freepbx 2.11.1.5 - Remote Code Execution
Freepbx 2.11.1.5 - Remote Code Execution Exploit Title: Freepbx coockie recordings injection Google Dork: Ask Santa Date: 23/12/2016 Exploit Author: inj3ctor3 Vendor Homepage: https://www.freepbx.org/ Software Link: ISO LINKS IN SITE https://www.freepbx.org/ Version: ALL && unpatched/...
FreePBX /recordings/index.php 'ari_auth' Cookie Authentication Bypass
The version of FreePBX hosted on the remote web server is affected by an authentication bypass vulnerability in the FreePBX ARI Framework module / Asterisk Recording Interface ARI. A remote, unauthenticated attacker can exploit this issue to gain full administrator access to the FreePBX server by...
CVE-2014-7235
htdocsari/includes/login.php in the ARI Framework module/Asterisk Recording Interface ARI in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ariauth cookie, related to the PHP unserialize function, as exploited in the wild in...