Vulnerabilities > Sangoma > Freepbx > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-25 | CVE-2020-36630 | SQL Injection vulnerability in Sangoma Freepbx A vulnerability was found in FreePBX cdr 14.0. | 9.8 |
2014-10-07 | CVE-2014-7235 | Code Injection vulnerability in multiple products htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014. | 10.0 |