9 matches found
CVE-2019-15029
FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the serviceedit.php file which will insert the malicious command into the database. To trigger the command, one needs to call the services.php file via a GET request with the service id...
Fusionpbx Command Execution (CVE-2019-15029)
A command execution vulnerability exists in Fusionpbx. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
FusionPBX 4.4.8 - Remote Code Execution Exploit
!/usr/bin/python3 ''' Exploit Title: FusionPBX v4.4.8 Remote Code Execution Exploit Author: Askar @mohammadaskar2 CVE : 2019-15029 Vendor Homepage: https://www.fusionpbx.com Software link: https://www.fusionpbx.com/download Version: v4.4.8 Tested on: Ubuntu 18.04 / PHP 7.2 ''' import requests fro...
FusionPBX 4.4.8 Remote Code Execution
!/usr/bin/python3 ''' Exploit Title: FusionPBX v4.4.8 Remote Code Execution Date: 13/08/2019 Exploit Author: Askar @mohammadaskar2 CVE : 2019-15029 Vendor Homepage: https://www.fusionpbx.com Software link: https://www.fusionpbx.com/download Version: v4.4.8 Tested on: Ubuntu 18.04 / PHP 7.2 '''...
FusionPBX 4.4.8 - Remote Code Execution
FusionPBX 4.4.8 - Remote Code Execution !/usr/bin/python3 ''' Exploit Title: FusionPBX v4.4.8 Remote Code Execution Date: 13/08/2019 Exploit Author: Askar @mohammadaskar2 CVE : 2019-15029 Vendor Homepage: https://www.fusionpbx.com Software link: https://www.fusionpbx.com/download Version: v4.4.8...
FusionPBX 4.4.8 - Remote Code Execution
!/usr/bin/python3 ''' Exploit Title: FusionPBX v4.4.8 Remote Code Execution Date: 13/08/2019 Exploit Author: Askar @mohammadaskar2 CVE : 2019-15029 Vendor Homepage: https://www.fusionpbx.com Software link: https://www.fusionpbx.com/download Version: v4.4.8 Tested on: Ubuntu 18.04 / PHP 7.2 '''...
CVE-2019-15029
FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the serviceedit.php file which will insert the malicious command into the database. To trigger the command, one needs to call the services.php file via a GET request with the service id...
CVE-2019-15029
CVE-2019-15029 affects FusionPBX 4.4.8. An attacker can execute arbitrary system commands by submitting a malicious command to the service_edit.php file (command stored in the database). Trigger relies on calling services.php via a GET request with the service id and a=start to execute the stored...
Exploit for OS Command Injection in Fusionpbx
CVE-2019-15029 The official exploit code for FusionPBX v4.4.8...