Vulnerabilities > Freepbx

DATE	CVE	VULNERABILITY TITLE	RISK
2007-04-30	CVE-2007-2350	Remote Security vulnerability in freePBX admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter. network low complexity freepbx	6.5
2007-04-24	CVE-2007-2191	HTML Injection vulnerability in Freepbx 2.2.1/2.2Rc1 Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php. network bsd hp ibm linux santa-cruz-operation sun freepbx	6.8

Vulnerabilities > Freepbx {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Freepbx"}]}