5 matches found
CVE-2026-28210
This entry concerns CVE-2026-28210 affecting FreePBX (open source IP PBX). The vulnerability lies in the cdr (Call Data Record) module, where an SQL query injection affects versions prior to 16.0.49 and 17.0.7. The issue is caused by unsafe SQL construction within the cdr component, leading to po...
EUVD-2020-24085
Malware in sbrugna...
CVE-2020-36630
A vulnerability was found in FreePBX cdr 14.0. It has been classified as critical. This affects the function ajaxHandler of the file ucp/Cdr.class.php. The manipulation of the argument limit/offset leads to sql injection. Upgrading to version 14.0.5.21 is able to address this issue. The name of t...
Sql injection
A vulnerability was found in FreePBX cdr 14.0. It has been classified as critical. This affects the function ajaxHandler of the file ucp/Cdr.class.php. The manipulation of the argument limit/offset leads to sql injection. Upgrading to version 14.0.5.21 is able to address this issue. The name of t...
FreePBX SQL注入漏洞
FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk IP telephony system through a GUI web-based graphical interface. A SQL injection vulnerability exists in FreePBX cdr versions prior to 14.0.5.21, which stems from a problem wit...