Filtered by vendor Coalescent Systems
Subscriptions
Filtered by product Freepbx
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-53564 | 1 Coalescent Systems | 1 Freepbx | 2024-12-04 | 8.8 High |
A serious vulnerability was discovered in FreePBX 17.0.19.17. FreePBX does not verify the type of uploaded files and does not restrict user access paths, allowing attackers to remotely control the FreePBX server by uploading malicious files with malicious content and accessing the default directory where the files are uploaded. This will result in particularly serious consequences. | ||||
CVE-2006-7107 | 1 Coalescent Systems | 1 Freepbx | 2024-11-21 | N/A |
PHP remote file inclusion vulnerability in upgrade.php in Coalescent Systems freePBX 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the amp_conf[AMPWEBROOT] parameter. | ||||
CVE-2006-6244 | 1 Coalescent Systems | 1 Freepbx | 2024-11-21 | N/A |
Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number). |
Page 1 of 1.