Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.10 views

CVE-2019-16990

In FusionPBX up to v4.5.7, the file app/musiconhold/musiconhold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname base64 encoded and allows a download of it...

6.5CVSS6.8AI score0.01283EPSS
Exploits0References1
NVD
NVD
added 2019/10/21 3:15 p.m.17 views

CVE-2019-16990

In FusionPBX up to v4.5.7, the file app/musiconhold/musiconhold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname base64 encoded and allows a download of it...

6.5CVSS6.5AI score0.01283EPSS
Exploits0References2
OSV
OSV
added 2019/10/21 3:15 p.m.5 views

CVE-2019-16990

In FusionPBX up to v4.5.7, the file app/musiconhold/musiconhold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname base64 encoded and allows a download of it...

6.5CVSS6.5AI score
Exploits0References2
Cvelist
Cvelist
added 2019/10/21 2:20 p.m.18 views

CVE-2019-16990

In FusionPBX up to v4.5.7, the file app/musiconhold/musiconhold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname base64 encoded and allows a download of it...

6.5AI score0.01283EPSS
Exploits0References2
CVE
CVE
added 2019/10/21 2:20 p.m.63 views

CVE-2019-16990

FusionPBX CVE-2019-16990 affects versions up to 4.5.7. The vulnerability is in music_on_hold.php where an unsanitized URL-derived file parameter (base64-encoded) enables downloading arbitrary pathnames. Core impact is potential exposure of files via crafted requests; exploitation details are not ...

6.5CVSS6.4AI score0.01283EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder