Search criteria
29 vulnerabilities found for FreePBX by FreePBX
CVE-2024-58294 (GCVE-0-2024-58294)
Vulnerability from nvd – Published: 2025-12-11 21:36 – Updated: 2025-12-11 21:36
VLAI?
Summary
FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the 'generatedocs' endpoint by crafting malicious POST requests with bash command injection to establish remote shell access.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
Cold z3ro
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FreePBX",
"vendor": "FreePBX",
"versions": [
{
"status": "affected",
"version": "16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cold z3ro"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the \u0027generatedocs\u0027 endpoint by crafting malicious POST requests with bash command injection to establish remote shell access.\u003c/p\u003e"
}
],
"value": "FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the \u0027generatedocs\u0027 endpoint by crafting malicious POST requests with bash command injection to establish remote shell access."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T21:36:11.213Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-52031",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/52031"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://www.freepbx.org/"
},
{
"name": "Original Video Link",
"tags": [
"product"
],
"url": "https://www.youtube.com/watch?v=rqFJ0BxwlLI"
},
{
"name": "VulnCheck Advisory: FreePBX 16 Authenticated Remote Code Execution via API Module",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/freepbx-authenticated-remote-code-execution-via-api-module"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "FreePBX 16 Authenticated Remote Code Execution via API Module",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2024-58294",
"datePublished": "2025-12-11T21:36:11.213Z",
"dateReserved": "2025-12-11T00:58:28.456Z",
"dateUpdated": "2025-12-11T21:36:11.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-15891 (GCVE-0-2018-15891)
Vulnerability from nvd – Published: 2019-06-20 16:35 – Updated: 2024-08-05 10:10
VLAI?
Summary
An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:06.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.freepbx.org/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-20T16:35:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.freepbx.org/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.freepbx.org/",
"refsource": "MISC",
"url": "https://www.freepbx.org/"
},
{
"name": "https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode",
"refsource": "CONFIRM",
"url": "https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15891",
"datePublished": "2019-06-20T16:35:57",
"dateReserved": "2018-08-26T00:00:00",
"dateUpdated": "2024-08-05T10:10:06.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7235 (GCVE-0-2014-7235)
Vulnerability from nvd – Published: 2014-10-07 14:00 – Updated: 2024-08-06 12:40
VLAI?
Summary
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
},
{
"name": "61601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61601"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
},
{
"name": "freepbx-ariframework-code-exec(96790)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
},
{
"name": "41005",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41005/"
},
{
"name": "70188",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70188"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
},
{
"name": "61601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61601"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
},
{
"name": "freepbx-ariframework-code-exec(96790)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
},
{
"name": "41005",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41005/"
},
{
"name": "70188",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70188"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
},
{
"name": "61601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61601"
},
{
"name": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836",
"refsource": "CONFIRM",
"url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
},
{
"name": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536",
"refsource": "CONFIRM",
"url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
},
{
"name": "freepbx-ariframework-code-exec(96790)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
},
{
"name": "41005",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41005/"
},
{
"name": "70188",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70188"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7235",
"datePublished": "2014-10-07T14:00:00",
"dateReserved": "2014-09-30T00:00:00",
"dateUpdated": "2024-08-06T12:40:19.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1903 (GCVE-0-2014-1903)
Vulnerability from nvd – Published: 2014-02-18 11:00 – Updated: 2024-08-06 09:58
VLAI?
Summary
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:14.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl"
},
{
"name": "103240",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/103240"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429"
},
{
"name": "20140211 Re: Freepbx , php code execution exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0111.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html"
},
{
"name": "20140211 Freepbx , php code execution exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0097.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7123"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7117"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html"
},
{
"name": "20140211 [CVE-2014-1903] FreePBX 2.9 through 12 RCE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/531040/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl"
},
{
"name": "103240",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/103240"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429"
},
{
"name": "20140211 Re: Freepbx , php code execution exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0111.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html"
},
{
"name": "20140211 Freepbx , php code execution exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0097.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7123"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7117"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html"
},
{
"name": "20140211 [CVE-2014-1903] FreePBX 2.9 through 12 RCE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/531040/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl",
"refsource": "MISC",
"url": "https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl"
},
{
"name": "103240",
"refsource": "OSVDB",
"url": "http://osvdb.org/103240"
},
{
"name": "http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03",
"refsource": "CONFIRM",
"url": "http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03"
},
{
"name": "http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429",
"refsource": "CONFIRM",
"url": "http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429"
},
{
"name": "20140211 Re: Freepbx , php code execution exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0111.html"
},
{
"name": "http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html"
},
{
"name": "20140211 Freepbx , php code execution exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0097.html"
},
{
"name": "http://issues.freepbx.org/browse/FREEPBX-7123",
"refsource": "CONFIRM",
"url": "http://issues.freepbx.org/browse/FREEPBX-7123"
},
{
"name": "http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice",
"refsource": "CONFIRM",
"url": "http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice"
},
{
"name": "http://issues.freepbx.org/browse/FREEPBX-7117",
"refsource": "CONFIRM",
"url": "http://issues.freepbx.org/browse/FREEPBX-7117"
},
{
"name": "http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html"
},
{
"name": "20140211 [CVE-2014-1903] FreePBX 2.9 through 12 RCE",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531040/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1903",
"datePublished": "2014-02-18T11:00:00",
"dateReserved": "2014-02-07T00:00:00",
"dateUpdated": "2024-08-06T09:58:14.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4458 (GCVE-0-2009-4458)
Vulnerability from nvd – Published: 2009-12-30 00:00 – Updated: 2024-08-07 07:01
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description parameter during an Add Zap Channel action, and (3) unspecified vectors during an Add Recordings action.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61357",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61357"
},
{
"name": "freepbx-zap-xss(55054)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55054"
},
{
"name": "10645",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/10645"
},
{
"name": "37972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37972"
},
{
"name": "freepbx-tech-xss(55053)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55053"
},
{
"name": "61358",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61358"
},
{
"name": "37482",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description parameter during an Add Zap Channel action, and (3) unspecified vectors during an Add Recordings action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "61357",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61357"
},
{
"name": "freepbx-zap-xss(55054)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55054"
},
{
"name": "10645",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/10645"
},
{
"name": "37972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37972"
},
{
"name": "freepbx-tech-xss(55053)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55053"
},
{
"name": "61358",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61358"
},
{
"name": "37482",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description parameter during an Add Zap Channel action, and (3) unspecified vectors during an Add Recordings action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61357",
"refsource": "OSVDB",
"url": "http://osvdb.org/61357"
},
{
"name": "freepbx-zap-xss(55054)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55054"
},
{
"name": "10645",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/10645"
},
{
"name": "37972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37972"
},
{
"name": "freepbx-tech-xss(55053)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55053"
},
{
"name": "61358",
"refsource": "OSVDB",
"url": "http://osvdb.org/61358"
},
{
"name": "37482",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4458",
"datePublished": "2009-12-30T00:00:00",
"dateReserved": "2009-12-29T00:00:00",
"dateUpdated": "2024-08-07T07:01:20.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1803 (GCVE-0-2009-1803)
Vulnerability from nvd – Published: 2009-05-28 14:00 – Updated: 2024-09-16 22:51
VLAI?
Summary
FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54263",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/54263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34857"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-05-28T14:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "54263",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/54263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34857"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54263",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/54263"
},
{
"name": "http://freepbx.org/trac/ticket/3660",
"refsource": "CONFIRM",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34857"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1803",
"datePublished": "2009-05-28T14:00:00Z",
"dateReserved": "2009-05-28T00:00:00Z",
"dateUpdated": "2024-09-16T22:51:26.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1801 (GCVE-0-2009-1801)
Vulnerability from nvd – Published: 2009-05-28 14:00 – Updated: 2024-08-07 05:27
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the (1) display parameter to reports.php, the (2) order and (3) extdisplay parameters to config.php, and the (4) sort parameter to recordings/index.php. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "freepbx-reports-xss(50361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50361"
},
{
"name": "54260",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54260"
},
{
"name": "54261",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54261"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34857"
},
{
"name": "54259",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54259"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the (1) display parameter to reports.php, the (2) order and (3) extdisplay parameters to config.php, and the (4) sort parameter to recordings/index.php. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "freepbx-reports-xss(50361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50361"
},
{
"name": "54260",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54260"
},
{
"name": "54261",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54261"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34857"
},
{
"name": "54259",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54259"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1801",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the (1) display parameter to reports.php, the (2) order and (3) extdisplay parameters to config.php, and the (4) sort parameter to recordings/index.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "freepbx-reports-xss(50361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50361"
},
{
"name": "54260",
"refsource": "OSVDB",
"url": "http://osvdb.org/54260"
},
{
"name": "54261",
"refsource": "OSVDB",
"url": "http://osvdb.org/54261"
},
{
"name": "http://freepbx.org/trac/ticket/3660",
"refsource": "CONFIRM",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34857"
},
{
"name": "54259",
"refsource": "OSVDB",
"url": "http://osvdb.org/54259"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1801",
"datePublished": "2009-05-28T14:00:00",
"dateReserved": "2009-05-28T00:00:00",
"dateUpdated": "2024-08-07T05:27:54.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1802 (GCVE-0-2009-1802)
Vulnerability from nvd – Published: 2009-05-28 14:00 – Updated: 2024-09-17 00:26
VLAI?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54262",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54262"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34857"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-05-28T14:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "54262",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54262"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34857"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54262",
"refsource": "OSVDB",
"url": "http://osvdb.org/54262"
},
{
"name": "http://freepbx.org/trac/ticket/3660",
"refsource": "CONFIRM",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34857"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1802",
"datePublished": "2009-05-28T14:00:00Z",
"dateReserved": "2009-05-28T00:00:00Z",
"dateUpdated": "2024-09-17T00:26:13.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2350 (GCVE-0-2007-2350)
Vulnerability from nvd – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070421 freePBX 2.2.x\u0027s Music-on-hold Remote Code Execution Injection",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053915.html"
},
{
"name": "35316",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35316"
},
{
"name": "2652",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2652"
},
{
"name": "24935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-08-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070421 freePBX 2.2.x\u0027s Music-on-hold Remote Code Execution Injection",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053915.html"
},
{
"name": "35316",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35316"
},
{
"name": "2652",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2652"
},
{
"name": "24935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070421 freePBX 2.2.x\u0027s Music-on-hold Remote Code Execution Injection",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053915.html"
},
{
"name": "35316",
"refsource": "OSVDB",
"url": "http://osvdb.org/35316"
},
{
"name": "2652",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2652"
},
{
"name": "24935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2350",
"datePublished": "2007-04-30T22:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2191 (GCVE-0-2007-2191)
Vulnerability from nvd – Published: 2007-04-24 17:00 – Updated: 2024-08-07 13:23
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:23:51.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "freepbx-sip-xss(33772)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33772"
},
{
"name": "23575",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23575"
},
{
"name": "20070419 XSS in freePBX 2.2.x portal\u0027s Asterisk Log tool",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053882.html"
},
{
"name": "2627",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2627"
},
{
"name": "35315",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35315"
},
{
"name": "24935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "freepbx-sip-xss(33772)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33772"
},
{
"name": "23575",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23575"
},
{
"name": "20070419 XSS in freePBX 2.2.x portal\u0027s Asterisk Log tool",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053882.html"
},
{
"name": "2627",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2627"
},
{
"name": "35315",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35315"
},
{
"name": "24935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "freepbx-sip-xss(33772)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33772"
},
{
"name": "23575",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23575"
},
{
"name": "20070419 XSS in freePBX 2.2.x portal\u0027s Asterisk Log tool",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053882.html"
},
{
"name": "2627",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2627"
},
{
"name": "35315",
"refsource": "OSVDB",
"url": "http://osvdb.org/35315"
},
{
"name": "24935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2191",
"datePublished": "2007-04-24T17:00:00",
"dateReserved": "2007-04-24T00:00:00",
"dateUpdated": "2024-08-07T13:23:51.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-58294 (GCVE-0-2024-58294)
Vulnerability from cvelistv5 – Published: 2025-12-11 21:36 – Updated: 2025-12-11 21:36
VLAI?
Summary
FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the 'generatedocs' endpoint by crafting malicious POST requests with bash command injection to establish remote shell access.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
Cold z3ro
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FreePBX",
"vendor": "FreePBX",
"versions": [
{
"status": "affected",
"version": "16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cold z3ro"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the \u0027generatedocs\u0027 endpoint by crafting malicious POST requests with bash command injection to establish remote shell access.\u003c/p\u003e"
}
],
"value": "FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the \u0027generatedocs\u0027 endpoint by crafting malicious POST requests with bash command injection to establish remote shell access."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T21:36:11.213Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-52031",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/52031"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "https://www.freepbx.org/"
},
{
"name": "Original Video Link",
"tags": [
"product"
],
"url": "https://www.youtube.com/watch?v=rqFJ0BxwlLI"
},
{
"name": "VulnCheck Advisory: FreePBX 16 Authenticated Remote Code Execution via API Module",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/freepbx-authenticated-remote-code-execution-via-api-module"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "FreePBX 16 Authenticated Remote Code Execution via API Module",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2024-58294",
"datePublished": "2025-12-11T21:36:11.213Z",
"dateReserved": "2025-12-11T00:58:28.456Z",
"dateUpdated": "2025-12-11T21:36:11.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-15891 (GCVE-0-2018-15891)
Vulnerability from cvelistv5 – Published: 2019-06-20 16:35 – Updated: 2024-08-05 10:10
VLAI?
Summary
An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:06.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.freepbx.org/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-20T16:35:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.freepbx.org/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.freepbx.org/",
"refsource": "MISC",
"url": "https://www.freepbx.org/"
},
{
"name": "https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode",
"refsource": "CONFIRM",
"url": "https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15891",
"datePublished": "2019-06-20T16:35:57",
"dateReserved": "2018-08-26T00:00:00",
"dateUpdated": "2024-08-05T10:10:06.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7235 (GCVE-0-2014-7235)
Vulnerability from cvelistv5 – Published: 2014-10-07 14:00 – Updated: 2024-08-06 12:40
VLAI?
Summary
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
},
{
"name": "61601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61601"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
},
{
"name": "freepbx-ariframework-code-exec(96790)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
},
{
"name": "41005",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41005/"
},
{
"name": "70188",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70188"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
},
{
"name": "61601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61601"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
},
{
"name": "freepbx-ariframework-code-exec(96790)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
},
{
"name": "41005",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41005/"
},
{
"name": "70188",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70188"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
},
{
"name": "61601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61601"
},
{
"name": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836",
"refsource": "CONFIRM",
"url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
},
{
"name": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536",
"refsource": "CONFIRM",
"url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
},
{
"name": "freepbx-ariframework-code-exec(96790)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
},
{
"name": "41005",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41005/"
},
{
"name": "70188",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70188"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-7235",
"datePublished": "2014-10-07T14:00:00",
"dateReserved": "2014-09-30T00:00:00",
"dateUpdated": "2024-08-06T12:40:19.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-1903 (GCVE-0-2014-1903)
Vulnerability from cvelistv5 – Published: 2014-02-18 11:00 – Updated: 2024-08-06 09:58
VLAI?
Summary
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:14.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl"
},
{
"name": "103240",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/103240"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429"
},
{
"name": "20140211 Re: Freepbx , php code execution exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0111.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html"
},
{
"name": "20140211 Freepbx , php code execution exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0097.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7123"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7117"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html"
},
{
"name": "20140211 [CVE-2014-1903] FreePBX 2.9 through 12 RCE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/531040/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl"
},
{
"name": "103240",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/103240"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429"
},
{
"name": "20140211 Re: Freepbx , php code execution exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0111.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html"
},
{
"name": "20140211 Freepbx , php code execution exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0097.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7123"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7117"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html"
},
{
"name": "20140211 [CVE-2014-1903] FreePBX 2.9 through 12 RCE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/531040/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl",
"refsource": "MISC",
"url": "https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl"
},
{
"name": "103240",
"refsource": "OSVDB",
"url": "http://osvdb.org/103240"
},
{
"name": "http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03",
"refsource": "CONFIRM",
"url": "http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03"
},
{
"name": "http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429",
"refsource": "CONFIRM",
"url": "http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429"
},
{
"name": "20140211 Re: Freepbx , php code execution exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0111.html"
},
{
"name": "http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html"
},
{
"name": "20140211 Freepbx , php code execution exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0097.html"
},
{
"name": "http://issues.freepbx.org/browse/FREEPBX-7123",
"refsource": "CONFIRM",
"url": "http://issues.freepbx.org/browse/FREEPBX-7123"
},
{
"name": "http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice",
"refsource": "CONFIRM",
"url": "http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice"
},
{
"name": "http://issues.freepbx.org/browse/FREEPBX-7117",
"refsource": "CONFIRM",
"url": "http://issues.freepbx.org/browse/FREEPBX-7117"
},
{
"name": "http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html"
},
{
"name": "20140211 [CVE-2014-1903] FreePBX 2.9 through 12 RCE",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531040/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1903",
"datePublished": "2014-02-18T11:00:00",
"dateReserved": "2014-02-07T00:00:00",
"dateUpdated": "2024-08-06T09:58:14.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4458 (GCVE-0-2009-4458)
Vulnerability from cvelistv5 – Published: 2009-12-30 00:00 – Updated: 2024-08-07 07:01
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description parameter during an Add Zap Channel action, and (3) unspecified vectors during an Add Recordings action.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61357",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61357"
},
{
"name": "freepbx-zap-xss(55054)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55054"
},
{
"name": "10645",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/10645"
},
{
"name": "37972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37972"
},
{
"name": "freepbx-tech-xss(55053)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55053"
},
{
"name": "61358",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61358"
},
{
"name": "37482",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description parameter during an Add Zap Channel action, and (3) unspecified vectors during an Add Recordings action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "61357",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61357"
},
{
"name": "freepbx-zap-xss(55054)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55054"
},
{
"name": "10645",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/10645"
},
{
"name": "37972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37972"
},
{
"name": "freepbx-tech-xss(55053)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55053"
},
{
"name": "61358",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61358"
},
{
"name": "37482",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description parameter during an Add Zap Channel action, and (3) unspecified vectors during an Add Recordings action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61357",
"refsource": "OSVDB",
"url": "http://osvdb.org/61357"
},
{
"name": "freepbx-zap-xss(55054)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55054"
},
{
"name": "10645",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/10645"
},
{
"name": "37972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37972"
},
{
"name": "freepbx-tech-xss(55053)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55053"
},
{
"name": "61358",
"refsource": "OSVDB",
"url": "http://osvdb.org/61358"
},
{
"name": "37482",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4458",
"datePublished": "2009-12-30T00:00:00",
"dateReserved": "2009-12-29T00:00:00",
"dateUpdated": "2024-08-07T07:01:20.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1803 (GCVE-0-2009-1803)
Vulnerability from cvelistv5 – Published: 2009-05-28 14:00 – Updated: 2024-09-16 22:51
VLAI?
Summary
FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54263",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/54263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34857"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-05-28T14:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "54263",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/54263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34857"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54263",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/54263"
},
{
"name": "http://freepbx.org/trac/ticket/3660",
"refsource": "CONFIRM",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34857"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1803",
"datePublished": "2009-05-28T14:00:00Z",
"dateReserved": "2009-05-28T00:00:00Z",
"dateUpdated": "2024-09-16T22:51:26.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1801 (GCVE-0-2009-1801)
Vulnerability from cvelistv5 – Published: 2009-05-28 14:00 – Updated: 2024-08-07 05:27
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the (1) display parameter to reports.php, the (2) order and (3) extdisplay parameters to config.php, and the (4) sort parameter to recordings/index.php. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "freepbx-reports-xss(50361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50361"
},
{
"name": "54260",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54260"
},
{
"name": "54261",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54261"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34857"
},
{
"name": "54259",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54259"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the (1) display parameter to reports.php, the (2) order and (3) extdisplay parameters to config.php, and the (4) sort parameter to recordings/index.php. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "freepbx-reports-xss(50361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50361"
},
{
"name": "54260",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54260"
},
{
"name": "54261",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54261"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34857"
},
{
"name": "54259",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54259"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1801",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the (1) display parameter to reports.php, the (2) order and (3) extdisplay parameters to config.php, and the (4) sort parameter to recordings/index.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "freepbx-reports-xss(50361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50361"
},
{
"name": "54260",
"refsource": "OSVDB",
"url": "http://osvdb.org/54260"
},
{
"name": "54261",
"refsource": "OSVDB",
"url": "http://osvdb.org/54261"
},
{
"name": "http://freepbx.org/trac/ticket/3660",
"refsource": "CONFIRM",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34857"
},
{
"name": "54259",
"refsource": "OSVDB",
"url": "http://osvdb.org/54259"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1801",
"datePublished": "2009-05-28T14:00:00",
"dateReserved": "2009-05-28T00:00:00",
"dateUpdated": "2024-08-07T05:27:54.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1802 (GCVE-0-2009-1802)
Vulnerability from cvelistv5 – Published: 2009-05-28 14:00 – Updated: 2024-09-17 00:26
VLAI?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54262",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54262"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34857"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-05-28T14:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "54262",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54262"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34857"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54262",
"refsource": "OSVDB",
"url": "http://osvdb.org/54262"
},
{
"name": "http://freepbx.org/trac/ticket/3660",
"refsource": "CONFIRM",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"name": "34772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34772"
},
{
"name": "34857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34857"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1802",
"datePublished": "2009-05-28T14:00:00Z",
"dateReserved": "2009-05-28T00:00:00Z",
"dateUpdated": "2024-09-17T00:26:13.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2350 (GCVE-0-2007-2350)
Vulnerability from cvelistv5 – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070421 freePBX 2.2.x\u0027s Music-on-hold Remote Code Execution Injection",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053915.html"
},
{
"name": "35316",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35316"
},
{
"name": "2652",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2652"
},
{
"name": "24935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-08-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070421 freePBX 2.2.x\u0027s Music-on-hold Remote Code Execution Injection",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053915.html"
},
{
"name": "35316",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35316"
},
{
"name": "2652",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2652"
},
{
"name": "24935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070421 freePBX 2.2.x\u0027s Music-on-hold Remote Code Execution Injection",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053915.html"
},
{
"name": "35316",
"refsource": "OSVDB",
"url": "http://osvdb.org/35316"
},
{
"name": "2652",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2652"
},
{
"name": "24935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2350",
"datePublished": "2007-04-30T22:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2191 (GCVE-0-2007-2191)
Vulnerability from cvelistv5 – Published: 2007-04-24 17:00 – Updated: 2024-08-07 13:23
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:23:51.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "freepbx-sip-xss(33772)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33772"
},
{
"name": "23575",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23575"
},
{
"name": "20070419 XSS in freePBX 2.2.x portal\u0027s Asterisk Log tool",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053882.html"
},
{
"name": "2627",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2627"
},
{
"name": "35315",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35315"
},
{
"name": "24935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "freepbx-sip-xss(33772)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33772"
},
{
"name": "23575",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23575"
},
{
"name": "20070419 XSS in freePBX 2.2.x portal\u0027s Asterisk Log tool",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053882.html"
},
{
"name": "2627",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2627"
},
{
"name": "35315",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35315"
},
{
"name": "24935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "freepbx-sip-xss(33772)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33772"
},
{
"name": "23575",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23575"
},
{
"name": "20070419 XSS in freePBX 2.2.x portal\u0027s Asterisk Log tool",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053882.html"
},
{
"name": "2627",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2627"
},
{
"name": "35315",
"refsource": "OSVDB",
"url": "http://osvdb.org/35315"
},
{
"name": "24935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24935"
},
{
"name": "ADV-2007-1535",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2191",
"datePublished": "2007-04-24T17:00:00",
"dateReserved": "2007-04-24T00:00:00",
"dateUpdated": "2024-08-07T13:23:51.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2018-15891
Vulnerability from fkie_nvd - Published: 2019-06-20 17:15 - Updated: 2024-11-21 03:51
Severity ?
Summary
An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freepbx:freepbx:15.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "31CDB8E8-DDC5-4FD0-B92F-0CE8B546728D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5E032A-03FF-4A60-954C-87D87041C8A4",
"versionEndExcluding": "13.0.122.43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E09C7941-32F4-4FE8-8CC7-2A5C1B79B562",
"versionEndExcluding": "14.0.18.34",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC65822-E00B-46C8-A7EF-C226C5B14FAE",
"versionEndIncluding": "15.0.1",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:15.0.1:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7A84BC1D-AB54-4019-B2CF-C0928AD318FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name."
},
{
"lang": "es",
"value": "Se detecto un problema en el n\u00facleo de FreePBX antes de la versi\u00f3n 3.0.122.43, 14.0.18.34 y 5.0.1beta4. Al crear una solicitud para agregar m\u00f3dulos de Asterisk, un atacante puede almacenar comandos de JavaScript en el nombre de un m\u00f3dulo."
}
],
"id": "CVE-2018-15891",
"lastModified": "2024-11-21T03:51:39.537",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-20T17:15:09.847",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.freepbx.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.freepbx.org/display/FOP/2018-09-11+Core+Stored+XSS?src=contextnavpagetreemode"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.freepbx.org/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-7235
Vulnerability from fkie_nvd - Published: 2014-10-07 14:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freepbx | freepbx | 2.10.0.0 | |
| freepbx | freepbx | 2.10.0.1 | |
| freepbx | freepbx | 2.10.0.2 | |
| freepbx | freepbx | 2.10.0.3 | |
| freepbx | freepbx | 2.10.0.4 | |
| freepbx | freepbx | 2.10.0.5 | |
| freepbx | freepbx | 2.10.0.6 | |
| freepbx | freepbx | 2.10.0.7 | |
| freepbx | freepbx | 2.10.0.8 | |
| freepbx | freepbx | 2.10.0.9 | |
| freepbx | freepbx | 2.10.0.10 | |
| freepbx | freepbx | 2.11.1.0 | |
| freepbx | freepbx | 2.11.1.1 | |
| freepbx | freepbx | 2.11.1.2 | |
| freepbx | freepbx | 2.11.1.3 | |
| freepbx | freepbx | 2.11.1.4 | |
| sangoma | freepbx | * | |
| sangoma | freepbx | 2.11.0.0 | |
| sangoma | freepbx | 2.11.0.1 | |
| sangoma | freepbx | 2.11.0.2 | |
| sangoma | freepbx | 2.11.0.3 | |
| sangoma | freepbx | 2.11.0.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6317E737-4318-4986-AC41-9F69BEEE57C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B24685-54DE-4F76-AC05-3CA32A63E34D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "182B7950-427E-4F48-968D-125DC480F00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4126EAD1-F307-4252-B951-AF6BA8AB50AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "38BD066D-9777-4D58-B283-38C35BD97171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7035B567-4728-4E8C-B27C-5C37445C89C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A591ECCE-6DBC-45BE-908F-BC5D8D817DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A284DA73-FD42-4C79-A4B7-3A1848F3883B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F04952AA-A9F1-4C2F-A19A-5DF5D4CB27AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CA512E0C-5E77-4D67-8E49-D6F5B7DCE87F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9F29B0F2-C3A3-401C-A8D1-842E1D660BCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.11.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61D4517F-EDED-49C3-B0E7-72703D49D78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.11.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "787A42CA-870B-4595-8234-93C6E3D68A51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.11.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "697C8EA2-5E93-46A8-B604-49DDCEA8B0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.11.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A082A340-769A-4925-AA29-4334B4940F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.11.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "04B6860F-F3D1-42E4-908D-789E26F00640",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "575E3DA5-B8DE-47CC-A322-50EE531A5365",
"versionEndIncluding": "2.9.0.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90B28D54-5FBD-403C-BA01-3D2CF2F8D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "37704860-CB88-4182-9928-35A2CCDDA0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30DB72FB-2D60-4C78-B2E3-A54857FA382E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.11.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A36B78CA-1130-4045-99C3-339132F4ED66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0675B567-E2FB-4870-BD42-5CB97DA1B9E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014."
},
{
"lang": "es",
"value": "En el archivo htdocs_ari/includes/login.php en el m\u00f3dulo del Framework ARI/Asterisk Recording Interface (ARI) en FreePBX anterior a versi\u00f3n 2.9.0.9, versiones 2.10.x y versiones 2.11 anteriores a 2.11.1.5, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de la cookie ari_auth, relacionada con la funci\u00f3n unserialize de PHP, como se explot\u00f3 \u201cin the wild\u201d en septiembre de 2014."
}
],
"id": "CVE-2014-7235",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-07T14:55:09.093",
"references": [
{
"source": "cve@mitre.org",
"url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/61601"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/70188"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/41005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://community.freepbx.org/t/critical-freepbx-rce-vulnerability-all-versions-cve-2014-7235/24536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/128516/FreePBX-Authentication-Bypass-Account-Creation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/FreePBX/fw_ari/commit/f294b4580ce725ca3c5e692d86e63d40cef4d836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/41005/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-1903
Vulnerability from fkie_nvd - Published: 2014-02-18 11:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2A91F7BB-328B-446A-82F5-006372BB6A55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "218DEE69-9011-4F41-8652-9546A575A066",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "2074522D-B309-488E-8FF3-CB04FC862306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "04919406-CF00-4CEA-8D63-B2F13C93C05F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php."
},
{
"lang": "es",
"value": "admin/libraries/view.functions.php en FreePBX 2.9 anterior a 2.9.0.14, 2.10 anterior a 2.10.1.15, 2.11 anterior a 2.11.0.23 y 12 anterior a 12.0.1alpha22 no restringe el conjunto de funciones accesibles al manejador de la API, lo que permite a atacantes remotos ejecutar c\u00f3digo PHP arbitrario a trav\u00e9s de los par\u00e1metros function y args hacia admin/config.php."
}
],
"id": "CVE-2014-1903",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-18T11:55:16.977",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0097.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0111.html"
},
{
"source": "cve@mitre.org",
"url": "http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03"
},
{
"source": "cve@mitre.org",
"url": "http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7117"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7123"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/103240"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/531040/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0097.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0111.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://issues.freepbx.org/browse/FREEPBX-7123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/103240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/531040/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-4458
Vulnerability from fkie_nvd - Published: 2009-12-30 00:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description parameter during an Add Zap Channel action, and (3) unspecified vectors during an Add Recordings action.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B657C6-A2DF-432A-9F46-1157C630CB20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E2E4487C-8475-46C0-B469-430B49F4C0D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description parameter during an Add Zap Channel action, and (3) unspecified vectors during an Add Recordings action."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en FreePBX v2.5.2 y v2.6.0rc2, y probablemente otras versiones, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante (1) el par\u00e1metro \"tech\" en admin/admin/config.php durante una acci\u00f3n trunks display, (2) el par\u00e1metro \"description\" durante una acci\u00f3n Add Zap Channel, y (3) vectores no especificados durante una acci\u00f3n Add Recordings."
}
],
"id": "CVE-2009-4458",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-12-30T00:30:00.467",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/61357"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/61358"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37972"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/10645"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/37482"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55053"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/61357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/61358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/10645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/37482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55054"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-1801
Vulnerability from fkie_nvd - Published: 2009-05-28 14:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the (1) display parameter to reports.php, the (2) order and (3) extdisplay parameters to config.php, and the (4) sort parameter to recordings/index.php. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "455E97D6-B069-49D6-B510-3D4112A9E1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1E1278-3114-4BD1-B589-30B5313C9502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4.0_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "32D216B0-31D6-4288-8773-FB2438944492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A09E3F0-E1A6-4CC4-8134-89DF5DB6EA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACC1C9-A2C3-41CA-B608-C474B642A380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.0rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A021AB-A142-4DAD-9EB0-2352C625D8CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.0rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0B173F-2161-4E40-A712-90DA6B997820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "613A39A4-976E-4535-9408-533F957F7F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B657C6-A2DF-432A-9F46-1157C630CB20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9734B50E-BEA8-41DF-835F-7B15A9BB31E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9645D4F-BB03-49AD-AE79-6FE990BF18FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the (1) display parameter to reports.php, the (2) order and (3) extdisplay parameters to config.php, and the (4) sort parameter to recordings/index.php. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados(XSS) en FreePBX v2.5.1, y otras v2.4.x, v2.5.x, y versiones pre-release v2.6.x, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s (1) del par\u00e1metro display a reports.php, (2) el order y (3) el par\u00e1metro extdisplay a config.php, y (4) el par\u00e1metro sort a recordings/index.php. NOTA: algunos de estos detalles han sido obtenidos a partir de terceros."
}
],
"id": "CVE-2009-1801",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-05-28T14:30:00.343",
"references": [
{
"source": "cve@mitre.org",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/54259"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/54260"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/54261"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34772"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34857"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50361"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-1803
Vulnerability from fkie_nvd - Published: 2009-05-28 14:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freepbx | freepbx | 2.4 | |
| freepbx | freepbx | 2.4.0_beta1 | |
| freepbx | freepbx | 2.4.0_beta2 | |
| freepbx | freepbx | 2.4.1 | |
| freepbx | freepbx | 2.5 | |
| freepbx | freepbx | 2.5.0_beta1 | |
| freepbx | freepbx | 2.5.0rc2 | |
| freepbx | freepbx | 2.5.0rc3 | |
| freepbx | freepbx | 2.5.1 | |
| freepbx | freepbx | 2.5.2 | |
| sangoma | freepbx | 2.4.0 | |
| sangoma | freepbx | 2.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "455E97D6-B069-49D6-B510-3D4112A9E1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1E1278-3114-4BD1-B589-30B5313C9502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4.0_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "32D216B0-31D6-4288-8773-FB2438944492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A09E3F0-E1A6-4CC4-8134-89DF5DB6EA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2C1156-93B6-4D71-8D9C-ED6FC6C0AE74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACC1C9-A2C3-41CA-B608-C474B642A380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.0rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A021AB-A142-4DAD-9EB0-2352C625D8CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.0rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0B173F-2161-4E40-A712-90DA6B997820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "613A39A4-976E-4535-9408-533F957F7F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B657C6-A2DF-432A-9F46-1157C630CB20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9734B50E-BEA8-41DF-835F-7B15A9BB31E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9645D4F-BB03-49AD-AE79-6FE990BF18FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
},
{
"lang": "es",
"value": "FreePBX v2.5.1, v2.4.x, v2.5.x, y pre-release v2.6.x, genera distintos errores tras intentos de login fallidos dependiendo de si la cuenta de usuario existe o no, lo que permite a atacantes remotos listar nombres de usuarios v\u00e1alidos."
}
],
"id": "CVE-2009-1803",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-05-28T14:30:00.390",
"references": [
{
"source": "cve@mitre.org",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34772"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/54263"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/54263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34857"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-1802
Vulnerability from fkie_nvd - Published: 2009-05-28 14:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freepbx | freepbx | 2.4 | |
| freepbx | freepbx | 2.4.0_beta1 | |
| freepbx | freepbx | 2.4.0_beta2 | |
| freepbx | freepbx | 2.4.1 | |
| freepbx | freepbx | 2.5 | |
| freepbx | freepbx | 2.5.0_beta1 | |
| freepbx | freepbx | 2.5.0rc2 | |
| freepbx | freepbx | 2.5.0rc3 | |
| freepbx | freepbx | 2.5.1 | |
| freepbx | freepbx | 2.5.2 | |
| sangoma | freepbx | 2.4.0 | |
| sangoma | freepbx | 2.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "455E97D6-B069-49D6-B510-3D4112A9E1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1E1278-3114-4BD1-B589-30B5313C9502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4.0_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "32D216B0-31D6-4288-8773-FB2438944492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A09E3F0-E1A6-4CC4-8134-89DF5DB6EA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2C1156-93B6-4D71-8D9C-ED6FC6C0AE74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACC1C9-A2C3-41CA-B608-C474B642A380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.0rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A021AB-A142-4DAD-9EB0-2352C625D8CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.0rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0B173F-2161-4E40-A712-90DA6B997820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "613A39A4-976E-4535-9408-533F957F7F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B657C6-A2DF-432A-9F46-1157C630CB20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9734B50E-BEA8-41DF-835F-7B15A9BB31E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9645D4F-BB03-49AD-AE79-6FE990BF18FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en FreePBX 2.5.1, y otros 2.4.x, 2.5.x, y versiones pre-lanzamiento 2.6.x, permiten a atacantes remotos secuestrar la autenticaci\u00f3n de administradores en peticiones que crean una nueva cuenta de administrador o tener otros impactos no especificados."
}
],
"id": "CVE-2009-1802",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-05-28T14:30:00.377",
"references": [
{
"source": "cve@mitre.org",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/54262"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34772"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://freepbx.org/trac/ticket/3660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34857"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-2350
Vulnerability from fkie_nvd - Published: 2007-04-30 22:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freepbx:freepbx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5408AA7-7838-4167-A8D3-295FC71B6189",
"versionEndIncluding": "2.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter."
},
{
"lang": "es",
"value": "admin/config.php en el m\u00f3dulo music-on-hold de freePBX 2.2.x permite a administradores remotos autenticados ejecutar comandos de su elecci\u00f3n mediante meta-caracteres de consola de comandos en el par\u00e1metro del."
}
],
"id": "CVE-2007-2350",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-30T22:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053915.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35316"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24935"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2652"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053915.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1535"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-2191
Vulnerability from fkie_nvd - Published: 2007-04-24 17:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsd:bsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B44D379F-F380-42EC-9C9A-A4C8314A4BDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE64F3F-48F6-493F-A81E-2B106FF73AC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECCBDA43-9C75-4B36-8C90-EF26B8CD777D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A896A046-4843-46B6-A8BA-1E8207AC2915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freepbx:freepbx:2.2_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B7FDB0-1CB9-49B6-B260-3BE25D7973EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencia de comandos en sitios cruzados (XSS) en freePBX 2.2.x permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de los campos (1) From, (2) To, (3) Call-ID, (4) User-Agent, y otros no especificados del protocolo SIP, lo cuales son almacenados en /var/log/asterisk/full y mostrados por admin/modules/logfiles/asterisk-full-log.php."
}
],
"id": "CVE-2007-2191",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-24T17:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053882.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35315"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24935"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2627"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23575"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1535"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053882.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33772"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}