3 matches found
FreePBX Framework hotelwakeup Module Directory Traversal
A directory traversal vulnerability exists in FreePBX. The vulnerability is due to an input validation issue in the "hotelwakeup" module. A remote unauthenticated attacker can exploit this vulnerability by sending maliciously crafted requests to the page that could lead to arbitrary command...
FreePBX Remote Command Execution Vulnerability (CNVD-2016-08542)
FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk IP telephony system through a GUI web-based graphical interface. A remote command execution vulnerability exists in the FreePBX 'admin/modules/hotelwakeup/Hotelwakeup.class.php...
FreePBX Remote Command Execution
Title : Freepbx =begin Freepbx 13.x are vulnerable to Remote command execution due to the insuffecient sanitization of the user input fields language,destination and also due to the lack of good authentication checking Technical details Vulnerable file :...