6 matches found
FreePBX Recordings Backdoor Upload
Added: 10/14/2016 Background FreePBX is a web-based open-source graphical user interface used to manage Asterisk PBX, an open-source communication server. The FreePBX System Recordings module allows playback of recorded files. Problem The System Recordings module in FreePBX 13 and 14 is vulnerabl...
FreePBX Recordings Backdoor Upload
Added: 10/14/2016 Background FreePBX is a web-based open-source graphical user interface used to manage Asterisk PBX, an open-source communication server. The FreePBX System Recordings module allows playback of recorded files. Problem The System Recordings module in FreePBX 13 and 14 is vulnerabl...
FreePBX Recording Interface File Upload Code Execution (CVE-2010-3490)
FreePBX is an open source software implementation of a telephone Private Branch eXchange PBX. It allows a number of attached telephones to make calls to one another, and to connect to other telephone services including the public switched telephone network. A code execution vulnerability exists i...
Directory traversal
Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. dot dot in the usersnum parameter to admin/config.php, as...
CVE-2010-3490
Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. dot dot in the usersnum parameter to admin/config.php, as...
CVE-2010-3490
CVE-2010-3490 affects FreePBX