Page 3 of 24 results (0.009 seconds)

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 2

FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-1712-2) allow post-authentication SQL injection via the order parameter. NOTE: the vendor disputes this issue because it is intentional that a user can "directly modify SQL tables ... [or] run shell scripts ... once ... logged in to the administration interface; there is no need to try to find input validation errors. ** EN DISPUTA ** FreePBX 10.13.66-32bit y 14.0.1.24 (SNG7-PBX-64bit-1712-2) permite inyección SQL de posautenticación mediante el parámetro order. NOTA: el vendedor discute este problema porque es intencional que un usuario pueda "modificar directamente las tablas SQL...". [o] ejecutar scripts shell .... una vez .... conectados a la interfaz de administración; no hay necesidad de intentar encontrar errores de validación de entrada". • http://code610.blogspot.com/2018/01/post-auth-sql-injection-in-freepbx.html http://www.securityfocus.com/bid/102854 https://github.com/c610/tmp/blob/master/sqlipoc-freepbx-14.0.1.24-req.txt • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 10.0EPSS: 89%CPEs: 22EXPL: 1

htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014. En el archivo htdocs_ari/includes/login.php en el módulo del Framework ARI/Asterisk Recording Interface (ARI) en FreePBX anterior a versión 2.9.0.9, versiones 2.10.x y versiones 2.11 anteriores a 2.11.1.5, permite a los atacantes remotos ejecutar código arbitrario por medio de la cookie ari_auth, relacionada con la función unserialize de PHP, como se explotó “in the wild” en septiembre de 2014. FreePBX versions prior to 2.11.1.5 suffer from a code execution vulnerability. • https://www.exploit-db.com/exploits/41005 http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536 http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html http://secunia.com/advisories/61601 http://www.securityfocus.com/bid/70188 https://exchange.xforce.ibmcloud.com/vulnerabilities/96790 https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 96%CPEs: 4EXPL: 2

admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php. admin/libraries/view.functions.php en FreePBX 2.9 anterior a 2.9.0.14, 2.10 anterior a 2.10.1.15, 2.11 anterior a 2.11.0.23 y 12 anterior a 12.0.1alpha22 no restringe el conjunto de funciones accesibles al manejador de la API, lo que permite a atacantes remotos ejecutar código PHP arbitrario a través de los parámetros function y args hacia admin/config.php. • https://www.exploit-db.com/exploits/32214 https://www.exploit-db.com/exploits/32512 http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0097.html http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0111.html http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03 http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429 http://issues.freepbx.org/browse/FREEPBX-7117 http://issues.freepbx.org/browse/FREEPBX-7123 http://osvdb.org/103240 http:/ • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 36%CPEs: 2EXPL: 7

The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action. La función callme_startcall en recordings/misc/callme_page.php en FreePBX v2.9, v2.10 y anteriores permite a atacantes remotos ejecutar comandos arbitrarios a través del parámetro callmenum en acción alterna. • https://www.exploit-db.com/exploits/18659 https://www.exploit-db.com/exploits/18649 https://www.exploit-db.com/exploits/18650 https://github.com/0xConstant/CVE-2012-4869 http://packetstormsecurity.org/files/111028/FreePBX-2.10.0-Remote-Command-Execution-XSS.html http://seclists.org/fulldisclosure/2012/Mar/234 http://secunia.com/advisories/48463 http://www.exploit-db.com/exploits/18649 http://www.exploit-db.com/exploits/18659 http://www.freepbx.org/trac/ticket/5711 http • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 5

Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) context parameter to panel/index_amp.php or (2) panel/dhtml/index.php; (3) clid or (4) clidname parameters to panel/flash/mypage.php; (5) PATH_INFO to admin/views/freepbx_reload.php; or (6) login parameter to recordings/index.php. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en FreePBX v2.9 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro de contexto (1) al panel/index_amp.php o (2) Panel/dhtml/index.php, (3) CLID o (4) parámetros clidname al panel/flash/mypage.php, (5) PATH_INFO para admin/views/freepbx_reload.php, o (6) parámetro login/index.php a las grabaciones. • https://www.exploit-db.com/exploits/18649 http://packetstormsecurity.org/files/111028/FreePBX-2.10.0-Remote-Command-Execution-XSS.html http://seclists.org/fulldisclosure/2012/Mar/234 http://secunia.com/advisories/48463 http://secunia.com/advisories/48475 http://www.exploit-db.com/exploits/18649 http://www.freepbx.org/trac/ticket/5711 http://www.securityfocus.com/bid/52630 https://exchange.xforce.ibmcloud.com/vulnerabilities/74173 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •