Page 3 of 13 results (0.006 seconds)

CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 1

admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter. admin/config.php en el módulo music-on-hold de freePBX 2.2.x permite a administradores remotos autenticados ejecutar comandos de su elección mediante meta-caracteres de consola de comandos en el parámetro del. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053915.html http://osvdb.org/35316 http://secunia.com/advisories/24935 http://securityreason.com/securityalert/2652 http://www.vupen.com/english/advisories/2007/1535 •

CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 2

PHP remote file inclusion vulnerability in upgrade.php in Coalescent Systems freePBX 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the amp_conf[AMPWEBROOT] parameter. Vulnerabilidad PHP de inclusión remota de archivo en upgrade.php en Coalescent Systems freePBX 2.1.3 permite a atacantes remotos ejecutar código PHP de su elección a través de una URL en el parámetro amp_conf[AMPWEBROOT]. • https://www.exploit-db.com/exploits/2665 http://www.securityfocus.com/bid/20785 https://exchange.xforce.ibmcloud.com/vulnerabilities/29879 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number). Coalescent Systems freePBX (anteriormente Asterisk Management Portal) anterior a 2.2.0rc1 permite a atacantes remotos ejecutar comandos de su elección mediante metacaracteres de línea de comandos en (1) CALLERID(nombre) o (2) CALLERID(número). • http://secunia.com/advisories/23124 http://sourceforge.net/project/shownotes.php?group_id=121515&release_id=467129 http://www.freepbx.org/trac/changeset/2076 http://www.securityfocus.com/bid/21359 http://www.vupen.com/english/advisories/2006/3019 •