18 matches found
EUVD-2019-9445
Malware in sbrugna...
EUVD-2020-3110
Malware in sbrugna...
CVE-2019-19852
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Call Event Logging report screen in the cel module at the admin/config.php?display=cel URI via date fields. This affects cel through 13.0.26.9, 14.x through 14.0.2.14, and 15.x through 15.0.15.4...
CVE-2019-19851
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20...
CVE-2020-10666
The restapps aka Rest Phone apps module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command...
CVE-2020-10666
The restapps aka Rest Phone apps module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command...
CVE-2020-10666
The restapps aka Rest Phone apps module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command...
CVE-2020-10666
The Restapps (Rest Phone apps) module in Sangoma FreePBX and PBXact (versions 13–15 up to 15.0.19.2) is vulnerable to remote code execution via a URL variable to an AMI command. Root cause is a flaw in Restapps’ handling of AMI commands that allows injection. Impact per sources is high (remote, n...
FreePBX 命令注入漏洞
FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX Freepbx project for configuring Asterisk an IP phone system through a GUI web-based graphical interface. A code injection vulnerability exists in Sangoma FreePBX and PBXact versions 13, 14, 15 through 15.0.19....
Sangoma FreePBX Cross-Site Scripting Vulnerability
FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk IP telephony system through a GUI web-based graphical interface. A cross-site scripting vulnerability exists in Sangoma FreePBX and PBXact versions 13, 14, and 15, which stems...
CVE-2019-19852
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Call Event Logging report screen in the cel module at the admin/config.php?display=cel URI via date fields. This affects cel through 13.0.26.9, 14.x through 14.0.2.14, and 15.x through 15.0.15.4...
CVE-2019-19852
An XSS injection vulnerability exists in Sangoma FreePBX and PBXact (13–15) within the Call Event Logging (cel) module, exploitable via the admin/config.php?display=cel page using date fields. Affected versions include cel up to 13.0.26.9, 14.x up to 14.0.2.14, and 15.x up to 15.0.15.4. The root ...
CVE-2019-19852
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Call Event Logging report screen in the cel module at the admin/config.php?display=cel URI via date fields. This affects cel through 13.0.26.9, 14.x through 14.0.2.14, and 15.x through 15.0.15.4...
CVE-2019-19851
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20...
CVE-2019-19851
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20...
Cross site scripting
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20...
CVE-2019-19851
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20...
CVE-2019-19851
CVE-2019-19851: An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module (admin/config.php?display=superfecta). Affected versions: FreePBX/PBXact Superfecta up to 13.0.4.7, 14.x up to 14.0.24, and 15.x up to 15.0.2.20. ...