Vulnerabilities > Freepbx
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-21 | CVE-2019-16967 | Cross-site Scripting vulnerability in multiple products An issue was discovered in Manager 13.x before 13.0.2.6 and 15.x before 15.0.6 before FreePBX 14.0.10.3. | 6.1 |
2019-10-21 | CVE-2019-16966 | Cross-site Scripting vulnerability in multiple products An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. | 6.1 |
2019-06-20 | CVE-2018-15892 | SQL Injection vulnerability in Freepbx Disa FreePBX 13 and 14 has SQL Injection in the DISA module via the hangup variable on the /admin/config.php?display=disa&view=form page. | 4.3 |
2019-06-20 | CVE-2018-15891 | Cross-site Scripting vulnerability in multiple products An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. | 4.8 |