Coalescent Systems: >> Freepbx Security Vulnerabilities
PHP remote file inclusion vulnerability in upgrade.php in Coalescent Systems freePBX 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the amp_conf[AMPWEBROOT] parameter.
CVSS Score
7.5
EPSS Score
0.03
Published
2007-03-03
Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number).
CVSS Score
7.5
EPSS Score
0.007
Published
2006-12-04