Vulnerabilities > Fusionpbx

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-29	CVE-2021-43403	Unspecified vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. network low complexity fusionpbx	6.5
2022-07-01	CVE-2021-37524	Cross-site Scripting vulnerability in Fusionpbx Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php. network fusionpbx CWE-79	4.3
2022-05-04	CVE-2022-28055	Command Injection vulnerability in Fusionpbx Fusionpbx v4.4 and below contains a command injection vulnerability via the download email logs function. network low complexity fusionpbx CWE-77	7.5
2021-11-05	CVE-2021-43404	Improper Input Validation vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. network low complexity fusionpbx CWE-20	6.5
2021-11-05	CVE-2021-43405	Improper Input Validation vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. network low complexity fusionpbx CWE-20	6.5
2021-11-05	CVE-2021-43406	Improper Input Validation vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. network low complexity fusionpbx CWE-20	6.5
2021-05-20	CVE-2020-21054	Cross-site Scripting vulnerability in Fusionpbx 4.5.7 Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "f" variable in app\vars\vars_textarea.php. network fusionpbx CWE-79	4.3
2021-05-20	CVE-2020-21055	Path Traversal vulnerability in Fusionpbx 4.5.7 A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any file of the system.via the (1) folder, (2) filename, and (3) newfilename variables in app\edit\filerename.php. network low complexity fusionpbx CWE-22	4.0
2021-05-20	CVE-2020-21056	Path Traversal vulnerability in Fusionpbx 4.5.7 Directory Traversal vulnerability exists in FusionPBX 4.5.7, which allows a remote malicious user to create folders via the folder variale to app\edit\foldernew.php. network low complexity fusionpbx CWE-22	4.0
2021-05-20	CVE-2020-21057	Path Traversal vulnerability in Fusionpbx 4.5.7 Directory Traversal vulnerability in FusionPBX 4.5.7, which allows a remote malicious user to delete folders on the system via the folder variable to app/edit/folderdelete.php. network low complexity fusionpbx CWE-22	5.5

Vulnerabilities > Fusionpbx {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fusionpbx"}]}

Vulnerabilities > Fusionpbx