Vulnerabilities > Fusionpbx
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-19 | CVE-2024-23387 | Cross-site Scripting vulnerability in Fusionpbx FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. | 4.8 |
| 2022-09-29 | CVE-2021-43403 | Unspecified vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. | 6.5 |
| 2022-08-18 | CVE-2022-35153 | Improper Encoding or Escaping of Output vulnerability in Fusionpbx 5.0.1 FusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php. | 9.8 |
| 2022-07-01 | CVE-2021-37524 | Cross-site Scripting vulnerability in Fusionpbx Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php. | 6.1 |
| 2022-05-04 | CVE-2022-28055 | OS Command Injection vulnerability in Fusionpbx Fusionpbx v4.4 and below contains a command injection vulnerability via the download email logs function. | 9.8 |
| 2021-11-05 | CVE-2021-43404 | Unspecified vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. | 8.8 |
| 2021-11-05 | CVE-2021-43405 | Unspecified vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. | 8.8 |
| 2021-11-05 | CVE-2021-43406 | Improper Input Validation vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. | 8.8 |
| 2021-05-20 | CVE-2020-21054 | Cross-site Scripting vulnerability in Fusionpbx 4.5.7 Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "f" variable in app\vars\vars_textarea.php. | 6.1 |
| 2021-05-20 | CVE-2020-21055 | Path Traversal vulnerability in Fusionpbx 4.5.7 A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any file of the system.via the (1) folder, (2) filename, and (3) newfilename variables in app\edit\filerename.php. | 6.5 |