Unrated severityNVD Advisory· Published Sep 28, 2010· Updated Jun 16, 2026
CVE-2010-3490
CVE-2010-3490
Description
Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to admin/config.php, as demonstrated by creating a .php file under the web root.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=2.8.0
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.