|
222091
|
7.2 |
HIGH
Network
|
fusionpbx
|
fusionpbx
|
resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any command…
|
CWE-78
OS Command
|
CVE-2019-16965
|
2024-11-21 13:31 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222092
|
8.8 |
HIGH
Network
|
fusionpbx
|
fusionpbx
|
app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attacker…
|
CWE-78
OS Command
|
CVE-2019-16964
|
2024-11-21 13:31 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222093
|
6.1 |
MEDIUM
Network
|
fusionpbx
|
fusionpbx
|
In FusionPBX up to v4.5.7, the file app\edit\filedelete.php uses an unsanitized "file" variable coming from the URL, which is reflected in HTML, leading to XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-16991
|
2024-11-21 13:31 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222094
|
6.1 |
MEDIUM
Network
|
fusionpbx
|
fusionpbx
|
In FusionPBX up to v4.5.7, the file app\conferences_active\conference_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-16989
|
2024-11-21 13:31 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222095
|
6.1 |
MEDIUM
Network
|
fusionpbx
|
fusionpbx
|
In FusionPBX up to v4.5.7, the file app\basic_operator_panel\resources\content.php uses an unsanitized "eavesdrop_dest" variable coming from the URL, which is reflected on 3 occasions in HTML, leadin…
|
CWE-79
Cross-site Scripting
|
CVE-2019-16988
|
2024-11-21 13:31 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222096
|
6.1 |
MEDIUM
Network
|
fusionpbx
|
fusionpbx
|
In FusionPBX up to v4.5.7, the file app\contacts\contact_import.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-16987
|
2024-11-21 13:31 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222097
|
6.5 |
MEDIUM
Network
|
fusionpbx
|
fusionpbx
|
In FusionPBX up to v4.5.7, the file resources\download.php uses an unsanitized "f" variable coming from the URL, which takes any pathname and allows a download of it. (resources\secure_download.php i…
|
CWE-22
Path Traversal
|
CVE-2019-16986
|
2024-11-21 13:31 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222098
|
6.5 |
MEDIUM
Network
|
fusionpbx
|
fusionpbx
|
In FusionPBX up to v4.5.7, the file app\xml_cdr\xml_cdr_delete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system.
|
CWE-22
Path Traversal
|
CVE-2019-16985
|
2024-11-21 13:31 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222099
|
6.1 |
MEDIUM
Network
|
fusionpbx
|
fusionpbx
|
In FusionPBX up to v4.5.7, the file app\recordings\recording_play.php uses an unsanitized "filename" variable coming from the URL, which is base64 decoded and reflected in HTML, leading to XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-16984
|
2024-11-21 13:31 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222100
|
6.1 |
MEDIUM
Network
|
fusionpbx
|
fusionpbx
|
In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function (called by several pages of the interface), which uses an unsanitized "param" variable constructed partially from the UR…
|
CWE-79
Cross-site Scripting
|
CVE-2019-16983
|
2024-11-21 13:31 |
2019-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
