Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.7 views

CVE-2019-16985

In FusionPBX up to v4.5.7, the file app\xmlcdr\xmlcdrdelete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system...

8.5CVSS6.9AI score0.0114EPSS
Exploits0References1
NVD
NVD
added 2019/10/21 4:15 p.m.17 views

CVE-2019-16985

In FusionPBX up to v4.5.7, the file app\xmlcdr\xmlcdrdelete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system...

8.5CVSS6.5AI score0.0114EPSS
Exploits0References2
OSV
OSV
added 2019/10/21 4:15 p.m.6 views

CVE-2019-16985

In FusionPBX up to v4.5.7, the file app\xmlcdr\xmlcdrdelete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system...

6.5CVSS6.8AI score
Exploits0References2
Cvelist
Cvelist
added 2019/10/21 3:27 p.m.17 views

CVE-2019-16985

In FusionPBX up to v4.5.7, the file app\xmlcdr\xmlcdrdelete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system...

6.5AI score0.0114EPSS
Exploits0References2
CVE
CVE
added 2019/10/21 3:27 p.m.67 views

CVE-2019-16985

FusionPBX contains a path traversal/file-deletion vulnerability in versions up to 4.5.7. The file app\xml_cdr\xml_cdr_delete.php uses an unsanitized URL parameter rec, which is base64 decoded and can cause deletion of arbitrary system files. Reported impact is arbitrary file deletion; remediation...

8.5CVSS6.4AI score0.0114EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder