VYPR

Vendor CVEs

FusionPBX

All CVEs

52 total · sorted by risk
  • CVE-2019-11410HigJun 17, 2019
    risk 0.00cvss 7.2epss 0.03

    app/backup/index.php in the Backup Module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute commands on the host.

  • CVE-2019-11407HigJun 17, 2019
    risk 0.00cvss 7.2epss 0.02

    app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 suffers from an information disclosure vulnerability due to excessive debug information, which allows authenticated administrative attackers to obtain credentials and other sensitive information.

Page 2 of 2