CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-19851
https://notcve.org/view.php?id=CVE-2019-19851
16 Mar 2020 — An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20. Se presenta una vulnerabilidad de Inyección de XSS en Sangoma FreePBX y PBXact versiones 13, 14 y 15, dentro de la página Debug/Test del módulo Superfecta en el URI admin/config.php?display=superfecta. • https://wiki.freepbx.org/display/FOP/2020-01-09+XSS+Injection+vulnerability+in+Superfecta+Module • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-19551
https://notcve.org/view.php?id=CVE-2019-19551
06 Dec 2019 — In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. An attacker with access to the User Control Panel application can submit malicious values in some of the time/date formatting and time-zone fields. These fields are not being properly sanitized. If this is done and a user (such as an admin) visits the User Management screen and views that user's profile, the XSS payload will render and execute in the context of the victim user's ... • https://wiki.freepbx.org/display/FOP/2019-12-03+Multiple+XSS+Vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-19552
https://notcve.org/view.php?id=CVE-2019-19552
06 Dec 2019 — In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. An attacker with sufficient privileges can edit the Display Name of a user and embed malicious XSS code. When another user (such as an admin) visits the main User Management screen, the XSS payload will render and execute in the context of the victim user's account. En userman versiones 13.0.76.43 hasta 15.0.20 en Sangoma FreePBX, s... • https://wiki.freepbx.org/display/FOP/2019-12-03+Multiple+XSS+Vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 2%CPEs: 3EXPL: 0CVE-2019-19006
https://notcve.org/view.php?id=CVE-2019-19006
21 Nov 2019 — Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control. Sangoma FreePBX versión 115.0.16.26 y anteriores, versión 14.0.13.11 y anteriores, versión 13.0.197.13 y anteriores, presenta un Control de Acceso Incorrecto. • https://community.freepbx.org/t/freepbx-security-vulnerability-sec-2019-001/62772 • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 1CVE-2019-16967
https://notcve.org/view.php?id=CVE-2019-16967
21 Oct 2019 — An issue was discovered in Manager 13.x before 13.0.2.6 and 15.x before 15.0.6 before FreePBX 14.0.10.3. In the Manager module form (html\admin\modules\manager\views\form.php), an unsanitized managerdisplay variable coming from the URL is reflected in HTML, leading to XSS. It can be requested via GET request to /config.php?type=tool&display=manager. Se detectó un problema en Manager versiones 13.x anteriores a 13.0.2.6 y versiones 15.x anteriores a 15.0.6 antes del FreePBX versión 14.0.10.3. • https://github.com/FreePBX/manager/commit/071a50983ca6a373bb2d1d3db68e9eda4667a372 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 15EXPL: 0CVE-2019-16966
https://notcve.org/view.php?id=CVE-2019-16966
21 Oct 2019 — An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class (html\admin\modules\contactmanager\Contactmanager.class.php), an unsanitized group variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS. It can be requested via a GET request to /admin/ajax.php?module=contactmanager. Se detectó un problema en Contactmanager versiones 13.x anteriores a 13.0.45.3, versiones 14.x anterio... • https://github.com/FreePBX/contactmanager/commit/99e5aa0050224289cfe64c9036f38ce2531bf633 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-15891
https://notcve.org/view.php?id=CVE-2018-15891
20 Jun 2019 — An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name. Se detecto un problema en el núcleo de FreePBX antes de la versión 3.0.122.43, 14.0.18.34 y 5.0.1beta4. Al crear una solicitud para agregar módulos de Asterisk, un atacante puede almacenar comandos de JavaScript en el nombre de un módulo. • https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 3%CPEs: 2EXPL: 2CVE-2018-6393
https://notcve.org/view.php?id=CVE-2018-6393
29 Jan 2018 — FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-1712-2) allow post-authentication SQL injection via the order parameter. NOTE: the vendor disputes this issue because it is intentional that a user can "directly modify SQL tables ... [or] run shell scripts ... once ... logged in to the administration interface; there is no need to try to find input validation errors. ** EN DISPUTA ** FreePBX 10.13.66-32bit y 14.0.1.24 (SNG7-PBX-64bit-1712-2) permite inyección SQL de posautenticación mediante el parámetro... • http://code610.blogspot.com/2018/01/post-auth-sql-injection-in-freepbx.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 53%CPEs: 22EXPL: 2CVE-2014-7235 – Freepbx < 2.11.1.5 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2014-7235
07 Oct 2014 — htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014. En el archivo htdocs_ari/includes/login.php en el módulo del Framework ARI/Asterisk Recording Interface (ARI) en FreePBX anterior a versión 2.9.0.9, versiones 2.10.x y versiones 2.11 anteriores a 2.1... • https://packetstorm.news/files/id/140414 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 84%CPEs: 4EXPL: 3CVE-2014-1903 – FreePBX 2.11.0 - Remote Command Execution
https://notcve.org/view.php?id=CVE-2014-1903
14 Feb 2014 — admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php. admin/libraries/view.functions.php en FreePBX 2.9 anterior a 2.9.0.14, 2.10 anterior a 2.10.1.15, 2.11 anterior a 2.11.0.23 y 12 anterior a 12.0.1alpha22 no restringe el conjunto de f... • https://packetstorm.news/files/id/125856 • CWE-264: Permissions, Privileges, and Access Controls •