Lucene search
SangomaFreepbx*
2 matches found
CVE-2012-4869
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.
7.5CVSS7.7AI score0.84867EPSS
In wildWeb
CVE-2012-4870
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) context parameter to panel/index_amp.php or (2) panel/dhtml/index.php; (3) clid or (4) clidname parameters to panel/flash/mypage.php; (5) PATH_INF...
4.3CVSS5.9AI score0.07984EPSS
Web