Vulnerabilities > Fusionpbx

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-23	CVE-2019-16977	Cross-site Scripting vulnerability in Fusionpbx In FusionPBX up to 4.5.7, the file app\extensions\extension_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS. network fusionpbx CWE-79	4.3
2019-10-23	CVE-2019-16975	Cross-site Scripting vulnerability in Fusionpbx In FusionPBX up to 4.5.7, the file app\contacts\contact_notes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS. network fusionpbx CWE-79	4.3
2019-10-23	CVE-2019-16976	Cross-site Scripting vulnerability in Fusionpbx In FusionPBX up to 4.5.7, the file app\destinations\destination_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS. network fusionpbx CWE-79	4.3
2019-10-22	CVE-2019-16973	Cross-site Scripting vulnerability in Fusionpbx In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS. network low complexity fusionpbx CWE-79	6.1
2019-10-22	CVE-2019-16972	Cross-site Scripting vulnerability in Fusionpbx In FusionPBX up to 4.5.7, the file app\contacts\contact_addresses.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS. network low complexity fusionpbx CWE-79	6.1
2019-10-22	CVE-2019-16971	Cross-site Scripting vulnerability in Fusionpbx In FusionPBX up to 4.5.7, the file app\messages\messages_thread.php uses an unsanitized "contact_uuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS. network low complexity fusionpbx CWE-79	6.1
2019-10-21	CVE-2019-16974	Cross-site Scripting vulnerability in Fusionpbx In FusionPBX up to 4.5.7, the file app\contacts\contact_times.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS. network low complexity fusionpbx CWE-79	6.1
2019-10-21	CVE-2019-16969	Cross-site Scripting vulnerability in Fusionpbx In FusionPBX up to 4.5.7, the file app\fifo_list\fifo_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS. network low complexity fusionpbx CWE-79	6.1
2019-10-21	CVE-2019-16970	Cross-site Scripting vulnerability in Fusionpbx In FusionPBX up to 4.5.7, the file app\sip_status\sip_status.php uses an unsanitized "savemsg" variable coming from the URL, which is reflected in HTML, leading to XSS. network low complexity fusionpbx CWE-79	6.1
2019-10-21	CVE-2019-16968	Cross-site Scripting vulnerability in Fusionpbx An issue was discovered in FusionPBX up to 4.5.7. network low complexity fusionpbx CWE-79	6.1

Vulnerabilities > Fusionpbx {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fusionpbx"}]}

Vulnerabilities > Fusionpbx