Coalescent Systems » Freepbx : Security Vulnerabilities, CVEs,
PHP remote file inclusion vulnerability in upgrade.php in Coalescent Systems freePBX 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the amp_conf[AMPWEBROOT] parameter.
Max CVSS
7.5
EPSS Score
3.96%
Published
2007-03-03
Updated
2017-10-11
Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number).
Max CVSS
7.5
EPSS Score
0.42%
Published
2006-12-04
Updated
2011-03-08
2 vulnerabilities found