CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Fusionpbx: >> Fusionpbx >> 5.0.1 Security Vulnerabilities

CVE-2024-24539

FusionPBX before 5.2.0 does not validate a session.

CVSS Score

5.3

EPSS Score

0.0

Published

2024-03-18

CVE-2024-23387

FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. If this vulnerability is exploited by a remote authenticated attacker with an administrative privilege, an arbitrary script may be executed on the web browser of the user who is logging in to the product.

CVSS Score

4.8

EPSS Score

0.001

Published

2024-01-19

CVE-2022-35153

FusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php.

CVSS Score

9.8

EPSS Score

0.006

Published

2022-08-18

Page 1

Vulnerabilities

Vulnerable Software

Fusionpbx: >> Fusionpbx >> 5.0.1 Security Vulnerabilities

Products

Pricing

Contact Us