Vulnerabilities > Fusionpbx > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-05 | CVE-2021-43404 | Unspecified vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. | 8.8 |
| 2021-11-05 | CVE-2021-43405 | Unspecified vulnerability in Fusionpbx An issue was discovered in FusionPBX before 4.5.30. | 8.8 |
| 2019-10-21 | CVE-2019-16965 | OS Command Injection vulnerability in Fusionpbx resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data. | 7.2 |
| 2019-10-21 | CVE-2019-16980 | SQL Injection vulnerability in Fusionpbx In FusionPBX up to v4.5.7, the file app\call_broadcast\call_broadcast_edit.php uses an unsanitized "id" variable coming from the URL in an unparameterized SQL query, leading to SQL injection. | 8.8 |