FusionPBX 4.4.1 Security Vulnerabilities
In FusionPBX up to v4.5.7, the file app\conferences_active\conference_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2019-10-21
In FusionPBX up to v4.5.7, the file app\edit\filedelete.php uses an unsanitized "file" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2019-10-21
In FusionPBX up to v4.5.7, the file app\conference_profiles\conference_profile_params.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2019-10-21
In FusionPBX up to v4.5.7, the file app\access_controls\access_control_nodes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2019-10-21
In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function (called by several pages of the interface), which uses an unsanitized "param" variable constructed partially from the URL args and reflected in HTML, leading to XSS.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2019-10-21
In FusionPBX up to v4.5.7, the file app\recordings\recording_play.php uses an unsanitized "filename" variable coming from the URL, which is base64 decoded and reflected in HTML, leading to XSS.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2019-10-21
In FusionPBX up to v4.5.7, the file app\devices\device_settings.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2019-10-21
In FusionPBX up to v4.5.7, the file app\contacts\contact_urls.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2019-10-21
In FusionPBX up to v4.5.7, the file app\call_broadcast\call_broadcast_edit.php uses an unsanitized "id" variable coming from the URL in an unparameterized SQL query, leading to SQL injection.
CVSS Score: 8.8 | EPSS Score: 0.004 | Published: 2019-10-21
In FusionPBX up to v4.5.7, the file app/music_on_hold/music_on_hold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname (base64 encoded) and allows a download of it.
CVSS Score: 6.5 | EPSS Score: 0.004 | Published: 2019-10-21