Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36630 | 1 Sangoma | 1 Freepbx | 2024-04-11 | N/A | 9.8 CRITICAL |
| A vulnerability was found in FreePBX cdr 14.0. It has been classified as critical. This affects the function ajaxHandler of the file ucp/Cdr.class.php. The manipulation of the argument limit/offset leads to sql injection. Upgrading to version 14.0.5.21 is able to address this issue. The name of the patch is f1a9eea2dfff30fb99d825bac194a676a82b9ec8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216771. | |||||
| CVE-2019-25090 | 1 Sangoma | 1 Freepbx | 2024-04-11 | N/A | 6.1 MEDIUM |
| A vulnerability was found in FreePBX arimanager up to 13.0.5.3 and classified as problematic. Affected by this issue is some unknown functionality of the component Views Handler. The manipulation of the argument dataurl leads to cross site scripting. The attack may be launched remotely. Upgrading to version 13.0.5.4 is able to address this issue. The name of the patch is 199dea7cc7020d3c469a86a39fbd80f5edd3c5ab. It is recommended to upgrade the affected component. VDB-216878 is the identifier assigned to this vulnerability. | |||||
| CVE-2018-6393 | 1 Sangoma | 1 Freepbx | 2024-04-11 | 6.5 MEDIUM | 7.2 HIGH |
| FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-1712-2) allow post-authentication SQL injection via the order parameter. NOTE: the vendor disputes this issue because it is intentional that a user can "directly modify SQL tables ... [or] run shell scripts ... once ... logged in to the administration interface; there is no need to try to find input validation errors. | |||||
| CVE-2023-43336 | 1 Sangoma | 1 Freepbx | 2023-12-10 | N/A | 8.8 HIGH |
| Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101. | |||||
| CVE-2021-45461 | 1 Sangoma | 3 Freepbx, Pbxact, Restapps | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19. | |||||
| CVE-2020-10666 | 1 Sangoma | 2 Freepbx, Restapps | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command. | |||||
| CVE-2019-19852 | 1 Sangoma | 1 Freepbx | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
| An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Call Event Logging report screen in the cel module at the admin/config.php?display=cel URI via date fields. This affects cel through 13.0.26.9, 14.x through 14.0.2.14, and 15.x through 15.0.15.4. | |||||
| CVE-2019-19615 | 1 Sangoma | 1 Freepbx | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
| Multiple XSS vulnerabilities exist in the Backup & Restore module \ v14.0.10.2 through v14.0.10.7 for FreePBX, as shown at /admin/config.php?display=backup on the FreePBX Administrator web site. An attacker can modify the id parameter of the backup configuration screen and embed malicious XSS code via a link. When another user (such as an admin) clicks the link, the XSS payload will render and execute in the context of the victim user's account. | |||||
| CVE-2019-19851 | 1 Sangoma | 1 Freepbx | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
| An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20. | |||||
| CVE-2019-19538 | 1 Sangoma | 1 Freepbx | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
| In Sangoma FreePBX 13 through 15 and sysadmin (aka System Admin) 13.0.92 through 15.0.13.6 modules have a Remote Command Execution vulnerability that results in Privilege Escalation. | |||||
| CVE-2019-19006 | 1 Sangoma | 1 Freepbx | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control. | |||||
| CVE-2019-19552 | 1 Sangoma | 1 Freepbx | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
| In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. An attacker with sufficient privileges can edit the Display Name of a user and embed malicious XSS code. When another user (such as an admin) visits the main User Management screen, the XSS payload will render and execute in the context of the victim user's account. | |||||
| CVE-2019-16967 | 2 Freepbx, Sangoma | 2 Manager, Freepbx | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Manager 13.x before 13.0.2.6 and 15.x before 15.0.6 before FreePBX 14.0.10.3. In the Manager module form (html\admin\modules\manager\views\form.php), an unsanitized managerdisplay variable coming from the URL is reflected in HTML, leading to XSS. It can be requested via GET request to /config.php?type=tool&display=manager. | |||||
| CVE-2019-16966 | 2 Freepbx, Sangoma | 2 Contactmanager, Freepbx | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class (html\admin\modules\contactmanager\Contactmanager.class.php), an unsanitized group variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS. It can be requested via a GET request to /admin/ajax.php?module=contactmanager. | |||||
| CVE-2019-19551 | 1 Sangoma | 1 Freepbx | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
| In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. An attacker with access to the User Control Panel application can submit malicious values in some of the time/date formatting and time-zone fields. These fields are not being properly sanitized. If this is done and a user (such as an admin) visits the User Management screen and views that user's profile, the XSS payload will render and execute in the context of the victim user's account. | |||||
| CVE-2018-15891 | 2 Freepbx, Sangoma | 2 Freepbx, Freepbx | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name. | |||||
| CVE-2014-7235 | 2 Freepbx, Sangoma | 2 Freepbx, Freepbx | 2023-12-10 | 10.0 HIGH | N/A |
| htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014. | |||||
| CVE-2014-1903 | 2 Freepbx, Sangoma | 2 Freepbx, Freepbx | 2023-12-10 | 7.5 HIGH | N/A |
| admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php. | |||||
| CVE-2012-4869 | 1 Sangoma | 1 Freepbx | 2023-12-10 | 7.5 HIGH | N/A |
| The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action. | |||||
| CVE-2012-4870 | 1 Sangoma | 1 Freepbx | 2023-12-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) context parameter to panel/index_amp.php or (2) panel/dhtml/index.php; (3) clid or (4) clidname parameters to panel/flash/mypage.php; (5) PATH_INFO to admin/views/freepbx_reload.php; or (6) login parameter to recordings/index.php. | |||||