VYPR

Vendor CVEs

FusionPBX

All CVEs

52 total · sorted by risk
  • CVE-2019-15029HigSep 5, 2019
    risk 0.61cvss 8.8epss 0.12

    FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service_edit.php file (which will insert the malicious command into the database). To trigger the command, one needs to call the services.php file via a GET request…

  • CVE-2019-16980HigOct 21, 2019
    risk 0.50cvss 8.8epss 0.01

    In FusionPBX up to v4.5.7, the file app\call_broadcast\call_broadcast_edit.php uses an unsanitized "id" variable coming from the URL in an unparameterized SQL query, leading to SQL injection.

  • CVE-2019-16965HigOct 21, 2019
    risk 0.40cvss 7.2epss 0.03

    resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data.

  • CVE-2019-16986MedOct 21, 2019
    risk 0.35cvss 6.5epss 0.01

    In FusionPBX up to v4.5.7, the file resources\download.php uses an unsanitized "f" variable coming from the URL, which takes any pathname and allows a download of it. (resources\secure_download.php is also affected.)

  • CVE-2019-16985MedOct 21, 2019
    risk 0.35cvss 6.5epss 0.01

    In FusionPBX up to v4.5.7, the file app\xml_cdr\xml_cdr_delete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system.

  • CVE-2019-16990MedOct 21, 2019
    risk 0.35cvss 6.5epss 0.01

    In FusionPBX up to v4.5.7, the file app/music_on_hold/music_on_hold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname (base64 encoded) and allows a download of it.

  • CVE-2019-16977MedOct 23, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to 4.5.7, the file app\extensions\extension_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16975MedOct 23, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to 4.5.7, the file app\contacts\contact_notes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16976MedOct 23, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to 4.5.7, the file app\destinations\destination_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.

  • CVE-2019-16973MedOct 22, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16972MedOct 22, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to 4.5.7, the file app\contacts\contact_addresses.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16971MedOct 22, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to 4.5.7, the file app\messages\messages_thread.php uses an unsanitized "contact_uuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.

  • CVE-2019-16974MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to 4.5.7, the file app\contacts\contact_times.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16969MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to 4.5.7, the file app\fifo_list\fifo_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16970MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to 4.5.7, the file app\sip_status\sip_status.php uses an unsanitized "savemsg" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16968MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    An issue was discovered in FusionPBX up to 4.5.7. In the file app\conference_controls\conference_control_details.php, an unsanitized id variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS.

  • CVE-2019-16991MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to v4.5.7, the file app\edit\filedelete.php uses an unsanitized "file" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16989MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to v4.5.7, the file app\conferences_active\conference_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16988MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to v4.5.7, the file app\basic_operator_panel\resources\content.php uses an unsanitized "eavesdrop_dest" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.

  • CVE-2019-16987MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to v4.5.7, the file app\contacts\contact_import.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16984MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to v4.5.7, the file app\recordings\recording_play.php uses an unsanitized "filename" variable coming from the URL, which is base64 decoded and reflected in HTML, leading to XSS.

  • CVE-2019-16983MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function (called by several pages of the interface), which uses an unsanitized "param" variable constructed partially from the URL args and reflected in HTML, leading to XSS.

  • CVE-2019-16982MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to v4.5.7, the file app\access_controls\access_control_nodes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16981MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to v4.5.7, the file app\conference_profiles\conference_profile_params.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.

  • CVE-2019-16979MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to v4.5.7, the file app\contacts\contact_urls.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.

  • CVE-2019-16978MedOct 21, 2019
    risk 0.33cvss 6.1epss 0.01

    In FusionPBX up to v4.5.7, the file app\devices\device_settings.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.

  • CVE-2024-23387MedJan 19, 2024
    risk 0.31cvss 4.8epss 0.00

    FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. If this vulnerability is exploited by a remote authenticated attacker with an administrative privilege, an arbitrary script may be executed on the web browser of the user who is logging in to the product.

  • CVE-2019-11409HigJun 17, 2019
    risk 0.10cvss 8.8epss 0.87

    app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation that allows authenticated non-administrative attackers to execute commands on the host. This can further lead to remote…

  • CVE-2021-43405HigNov 5, 2021
    risk 0.06cvss 8.8epss 0.36

    An issue was discovered in FusionPBX before 4.5.30. The fax_extension may have risky characters (it is not constrained to be numeric).

  • CVE-2019-11408MedJun 17, 2019
    risk 0.01cvss 6.1epss 0.07

    XSS in app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 allows remote unauthenticated attackers to inject arbitrary JavaScript characters by placing a phone call using a specially crafted caller ID number. This can further lead to remote code…

  • CVE-2024-24539MedMar 18, 2024
    risk 0.00cvss 5.3epss 0.01

    FusionPBX before 5.2.0 does not validate a session.

  • CVE-2021-43403MedSep 29, 2022
    risk 0.00cvss 6.5epss 0.01

    An issue was discovered in FusionPBX before 4.5.30. The log_viewer.php Log View page allows an authenticated user to choose an arbitrary filename for download (i.e., not necessarily freeswitch.log in the intended directory).

  • CVE-2022-35153CriAug 18, 2022
    risk 0.00cvss 9.8epss 0.02

    FusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php.

  • CVE-2021-37524MedJul 1, 2022
    risk 0.00cvss 6.1epss 0.01

    Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php.

  • CVE-2022-28055CriMay 4, 2022
    risk 0.00cvss 9.8epss 0.01

    Fusionpbx v4.4 and below contains a command injection vulnerability via the download email logs function.

  • CVE-2021-43406HigNov 5, 2021
    risk 0.00cvss 8.8epss 0.01

    An issue was discovered in FusionPBX before 4.5.30. The fax_post_size may have risky characters (it is not constrained to preset values).

  • CVE-2021-43404HigNov 5, 2021
    risk 0.00cvss 8.8epss 0.01

    An issue was discovered in FusionPBX before 4.5.30. The FAX file name may have risky characters.

  • CVE-2020-21057HigMay 20, 2021
    risk 0.00cvss 8.1epss 0.02

    Directory Traversal vulnerability in FusionPBX 4.5.7, which allows a remote malicious user to delete folders on the system via the folder variable to app/edit/folderdelete.php.

  • CVE-2020-21056MedMay 20, 2021
    risk 0.00cvss 4.3epss 0.01

    Directory Traversal vulnerability exists in FusionPBX 4.5.7, which allows a remote malicious user to create folders via the folder variale to app\edit\foldernew.php.

  • CVE-2020-21055MedMay 20, 2021
    risk 0.00cvss 6.5epss 0.01

    A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any file of the system.via the (1) folder, (2) filename, and (3) newfilename variables in app\edit\filerename.php.

  • CVE-2020-21054MedMay 20, 2021
    risk 0.00cvss 6.1epss 0.01

    Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "f" variable in app\vars\vars_textarea.php.

  • CVE-2020-21053MedMay 20, 2021
    risk 0.00cvss 6.1epss 0.01

    Cross Site Scriptiong (XSS) vulnerability exists in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "query_string" variable in app\devices\device_imports.php.

  • CVE-2019-19388MedNov 29, 2019
    risk 0.00cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in app/dialplans/dialplan_detail_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the dialplan_uuid parameter.

  • CVE-2019-19387MedNov 29, 2019
    risk 0.00cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in app/fifo_list/fifo_interactive.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the c parameter.

  • CVE-2019-19386MedNov 29, 2019
    risk 0.00cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in app/voicemail_greetings/voicemail_greeting_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id and/or voicemail_id parameter.

  • CVE-2019-19385MedNov 29, 2019
    risk 0.00cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in app/dialplans/dialplans.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the app_uuid parameter.

  • CVE-2019-19384MedNov 29, 2019
    risk 0.00cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in app/fax/fax_log_view.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the fax_uuid parameter.

  • CVE-2019-19367MedNov 27, 2019
    risk 0.00cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in app/fax/fax_files.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

  • CVE-2019-19366MedNov 27, 2019
    risk 0.00cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in app/xml_cdr/xml_cdr_search.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter.

  • CVE-2019-16964HigOct 21, 2019
    risk 0.00cvss 8.8epss 0.02

    app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers (with at least the permission call_center_queue_add or call_center_queue_edit)…

Page 1 of 2