Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.7 views

CVE-2019-16970

In FusionPBX up to 4.5.7, the file app\sipstatus\sipstatus.php uses an unsanitized "savemsg" variable coming from the URL, which is reflected in HTML, leading to XSS...

6.1CVSS6.8AI score0.00803EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:31 a.m.8 views

CVE-2019-16973

In FusionPBX up to 4.5.7, the file app\contacts\contactedit.php uses an unsanitized "querystring" variable coming from the URL, which is reflected in HTML, leading to XSS...

6.1CVSS6.8AI score0.00824EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.7 views

CVE-2019-16979

In FusionPBX up to v4.5.7, the file app\contacts\contacturls.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS...

6.1CVSS6.8AI score0.00824EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.8 views

CVE-2019-16971

In FusionPBX up to 4.5.7, the file app\messages\messagesthread.php uses an unsanitized "contactuuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS...

6.1CVSS6.8AI score0.00803EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7452

Malware in sbrugna...

6.1CVSS6.3AI score0.00672EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-7461

Malware in sbrugna...

6.1CVSS6.3AI score0.00803EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7465

Malware in sbrugna...

6.1CVSS6.3AI score0.00803EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7446

Malware in sbrugna...

6.1CVSS6.3AI score0.00803EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7450

Malware in sbrugna...

6.1CVSS6.3AI score0.00824EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7449

Malware in sbrugna...

6.1CVSS6.3AI score0.00841EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7448

Malware in sbrugna...

6.1CVSS6.3AI score0.00803EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 8:36 a.m.5 views

CVE-2019-16975

In FusionPBX up to 4.5.7, the file app\contacts\contactnotes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS...

6.1CVSS6.8AI score0.00672EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:25 a.m.5 views

CVE-2019-19366

A cross-site scripting XSS vulnerability in app/xmlcdr/xmlcdrsearch.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

6.1CVSS5.7AI score0.00866EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:18 a.m.4 views

CVE-2019-16974

In FusionPBX up to 4.5.7, the file app\contacts\contacttimes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS...

6.1CVSS6.8AI score0.00824EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:52 a.m.7 views

CVE-2019-19388

A cross-site scripting XSS vulnerability in app/dialplans/dialplandetailedit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the dialplanuuid parameter...

6.1CVSS5.7AI score0.00866EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:35 a.m.6 views

CVE-2019-16984

In FusionPBX up to v4.5.7, the file app\recordings\recordingplay.php uses an unsanitized "filename" variable coming from the URL, which is base64 decoded and reflected in HTML, leading to XSS...

6.1CVSS6.8AI score0.00803EPSS
Exploits0References1
OSV
OSV
added 2019/10/23 5:15 p.m.5 views

CVE-2019-16977

In FusionPBX up to 4.5.7, the file app\extensions\extensionimports.php uses an unsanitized "querystring" variable coming from the URL, which is reflected in HTML, leading to XSS...

6.1CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2019/10/22 10:15 p.m.6 views

CVE-2019-16971

In FusionPBX up to 4.5.7, the file app\messages\messagesthread.php uses an unsanitized "contactuuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS...

6.1CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2019/10/21 9:15 p.m.4 views

CVE-2019-16969

In FusionPBX up to 4.5.7, the file app\fifolist\fifointeractive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS...

6.1CVSS6.8AI score
Exploits0References2
Cvelist
Cvelist
added 2019/10/21 3:20 p.m.16 views

CVE-2019-16983

In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function called by several pages of the interface, which uses an unsanitized "param" variable constructed partially from the URL args and reflected in HTML, leading to XSS...

6.3AI score0.00803EPSS
Exploits0References2
Rows per page
Query Builder