CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Fusionpbx : Security Vulnerabilities Published In 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-19388 79 XSS 2019-11-29 2019-12-02
4.3
None Remote Medium Not required None Partial None
A cross-site scripting (XSS) vulnerability in app/dialplans/dialplan_detail_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the dialplan_uuid parameter.
2 CVE-2019-19387 79 XSS 2019-11-29 2019-12-02
4.3
None Remote Medium Not required None Partial None
A cross-site scripting (XSS) vulnerability in app/fifo_list/fifo_interactive.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the c parameter.
3 CVE-2019-19386 79 XSS 2019-11-29 2019-12-02
4.3
None Remote Medium Not required None Partial None
A cross-site scripting (XSS) vulnerability in app/voicemail_greetings/voicemail_greeting_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id and/or voicemail_id parameter.
4 CVE-2019-19385 79 XSS 2019-11-29 2019-12-02
4.3
None Remote Medium Not required None Partial None
A cross-site scripting (XSS) vulnerability in app/dialplans/dialplans.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the app_uuid parameter.
5 CVE-2019-19384 79 XSS 2019-11-29 2019-12-02
4.3
None Remote Medium Not required None Partial None
A cross-site scripting (XSS) vulnerability in app/fax/fax_log_view.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the fax_uuid parameter.
6 CVE-2019-19367 79 XSS 2019-11-27 2019-12-04
4.3
None Remote Medium Not required None Partial None
A cross-site scripting (XSS) vulnerability in app/fax/fax_files.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
7 CVE-2019-19366 79 XSS 2019-11-27 2019-12-04
4.3
None Remote Medium Not required None Partial None
A cross-site scripting (XSS) vulnerability in app/xml_cdr/xml_cdr_search.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter.
8 CVE-2019-16991 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\edit\filedelete.php uses an unsanitized "file" variable coming from the URL, which is reflected in HTML, leading to XSS.
9 CVE-2019-16990 22 Dir. Trav. 2019-10-21 2019-10-23
4.0
None Remote Low ??? Partial None None
In FusionPBX up to v4.5.7, the file app/music_on_hold/music_on_hold.php uses an unsanitized "file" variable coming from the URL, which takes any pathname (base64 encoded) and allows a download of it.
10 CVE-2019-16989 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\conferences_active\conference_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
11 CVE-2019-16988 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\basic_operator_panel\resources\content.php uses an unsanitized "eavesdrop_dest" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.
12 CVE-2019-16987 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\contacts\contact_import.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
13 CVE-2019-16986 22 Dir. Trav. 2019-10-21 2019-10-23
4.0
None Remote Low ??? Partial None None
In FusionPBX up to v4.5.7, the file resources\download.php uses an unsanitized "f" variable coming from the URL, which takes any pathname and allows a download of it. (resources\secure_download.php is also affected.)
14 CVE-2019-16985 22 Dir. Trav. 2019-10-21 2019-10-23
8.5
None Remote Low ??? None Complete Complete
In FusionPBX up to v4.5.7, the file app\xml_cdr\xml_cdr_delete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system.
15 CVE-2019-16984 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\recordings\recording_play.php uses an unsanitized "filename" variable coming from the URL, which is base64 decoded and reflected in HTML, leading to XSS.
16 CVE-2019-16983 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function (called by several pages of the interface), which uses an unsanitized "param" variable constructed partially from the URL args and reflected in HTML, leading to XSS.
17 CVE-2019-16982 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\access_controls\access_control_nodes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
18 CVE-2019-16981 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\conference_profiles\conference_profile_params.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
19 CVE-2019-16980 89 Sql 2019-10-21 2019-10-23
6.5
None Remote Low ??? Partial Partial Partial
In FusionPBX up to v4.5.7, the file app\call_broadcast\call_broadcast_edit.php uses an unsanitized "id" variable coming from the URL in an unparameterized SQL query, leading to SQL injection.
20 CVE-2019-16979 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\contacts\contact_urls.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
21 CVE-2019-16978 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to v4.5.7, the file app\devices\device_settings.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
22 CVE-2019-16977 79 XSS 2019-10-23 2019-10-28
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\extensions\extension_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
23 CVE-2019-16976 79 XSS 2019-10-23 2019-10-28
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\destinations\destination_imports.php uses an unsanitized "query_string" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
24 CVE-2019-16975 79 XSS 2019-10-23 2019-10-24
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\contacts\contact_notes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
25 CVE-2019-16974 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\contacts\contact_times.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
26 CVE-2019-16973 79 XSS 2019-10-22 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
27 CVE-2019-16972 79 XSS 2019-10-22 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\contacts\contact_addresses.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
28 CVE-2019-16971 79 XSS 2019-10-22 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\messages\messages_thread.php uses an unsanitized "contact_uuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.
29 CVE-2019-16970 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\sip_status\sip_status.php uses an unsanitized "savemsg" variable coming from the URL, which is reflected in HTML, leading to XSS.
30 CVE-2019-16969 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
In FusionPBX up to 4.5.7, the file app\fifo_list\fifo_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
31 CVE-2019-16968 79 XSS 2019-10-21 2019-10-23
4.3
None Remote Medium Not required None Partial None
An issue was discovered in FusionPBX up to 4.5.7. In the file app\conference_controls\conference_control_details.php, an unsanitized id variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS.
32 CVE-2019-16965 78 Exec Code 2019-10-21 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data.
33 CVE-2019-16964 78 Exec Code 2019-10-21 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers (with at least the permission call_center_queue_add or call_center_queue_edit) to execute any commands on the host as www-data.
34 CVE-2019-15029 78 Exec Code 2019-09-05 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service_edit.php file (which will insert the malicious command into the database). To trigger the command, one needs to call the services.php file via a GET request with the service id followed by the parameter a=start to execute the stored command.
35 CVE-2019-11410 78 Exec Code 2019-06-17 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
app/backup/index.php in the Backup Module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute commands on the host.
36 CVE-2019-11409 79 Exec Code XSS 2019-06-17 2019-06-18
6.5
None Remote Low ??? Partial Partial Partial
app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation that allows authenticated non-administrative attackers to execute commands on the host. This can further lead to remote code execution when combined with an XSS vulnerability also present in the FusionPBX Operator Panel module.
37 CVE-2019-11408 79 Exec Code XSS 2019-06-17 2019-06-18
4.3
None Remote Medium Not required None Partial None
XSS in app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 allows remote unauthenticated attackers to inject arbitrary JavaScript characters by placing a phone call using a specially crafted caller ID number. This can further lead to remote code execution by chaining this vulnerability with a command injection vulnerability also present in FusionPBX.
38 CVE-2019-11407 200 +Info 2019-06-17 2019-06-18
4.0
None Remote Low ??? Partial None None
app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 suffers from an information disclosure vulnerability due to excessive debug information, which allows authenticated administrative attackers to obtain credentials and other sensitive information.
Total number of vulnerabilities : 38   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.