Freepbx Security Vulnerabilities and Issues — Freepbx CVE List

Lucene search

Coalescent SystemsFreepbx

3 matches found

CVE•added 2024/12/02 6:15 p.m.•48 views

CVE-2024-53564

A vulnerability was discovered in FreePBX 17.0.19.17. It does not verify the type of uploaded (valid FreePBX module) files, allowing high-privilege administrators to insert unwanted files. NOTE: the Supplier's position is that there is no risk beyond what high-privilege administrators are intention...

2.2CVSS3.6AI score0.00051EPSS

CVE•added 2006/12/04 11:28 a.m.•33 views

CVE-2006-6244

Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number).

7.5CVSS7.9AI score0.00607EPSS

CVE•added 2007/03/03 9:19 p.m.•30 views

CVE-2006-7107

PHP remote file inclusion vulnerability in upgrade.php in Coalescent Systems freePBX 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the amp_conf[AMPWEBROOT] parameter.

7.5CVSS7.9AI score0.02962EPSS