1 results (0.005 seconds)

CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0

FreePBX 13 and 14 has SQL Injection in the DISA module via the hangup variable on the /admin/config.php?display=disa&view=form page. FreePBX 13 y 14 tiene Inyección SQL en el módulo DISA a través de la variable de bloqueo en la página /admin/config.php?display=disa&view=form. • https://wiki.freepbx.org/display/FOP/2018-09-11+DISA+SQL+Injection https://www.freepbx.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •