Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Sangoma Subscribe
Total 36 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19551 1 Sangoma 1 Freepbx 2019-12-11 3.5 LOW 4.8 MEDIUM
In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the User Management screen of the Administrator web site. An attacker with access to the User Control Panel application can submit malicious values in some of the time/date formatting and time-zone fields. These fields are not being properly sanitized. If this is done and a user (such as an admin) visits the User Management screen and views that user's profile, the XSS payload will render and execute in the context of the victim user's account.
CVE-2019-19552 1 Sangoma 1 Freepbx 2019-12-10 3.5 LOW 4.8 MEDIUM
In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists in the user management screen of the Administrator web site, i.e., the/admin/config.php?display=userman URI. An attacker with sufficient privileges can edit the Display Name of a user and embed malicious XSS code. When another user (such as an admin) visits the main User Management screen, the XSS payload will render and execute in the context of the victim user's account.
CVE-2018-15891 2 Freepbx, Sangoma 2 Freepbx, Freepbx 2019-12-10 3.5 LOW 4.8 MEDIUM
An issue was discovered in FreePBX core before 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name.
CVE-2019-16967 2 Freepbx, Sangoma 2 Manager, Freepbx 2019-12-10 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Manager 13.x before 13.0.2.6 and 15.x before 15.0.6 before FreePBX 14.0.10.3. In the Manager module form (html\admin\modules\manager\views\form.php), an unsanitized managerdisplay variable coming from the URL is reflected in HTML, leading to XSS. It can be requested via GET request to /config.php?type=tool&display=manager.
CVE-2019-16966 2 Freepbx, Sangoma 2 Contactmanager, Freepbx 2019-12-10 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x before 14.0.5.12, and 15.x before 15.0.8.21 for FreePBX 14.0.10.3. In the Contactmanager class (html\admin\modules\contactmanager\Contactmanager.class.php), an unsanitized group variable coming from the URL is reflected in HTML on 2 occasions, leading to XSS. It can be requested via a GET request to /admin/ajax.php?module=contactmanager.
CVE-2018-6393 1 Sangoma 1 Freepbx 2019-12-10 6.5 MEDIUM 7.2 HIGH
** DISPUTED ** FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-1712-2) allow post-authentication SQL injection via the order parameter. NOTE: the vendor disputes this issue because it is intentional that a user can "directly modify SQL tables ... [or] run shell scripts ... once ... logged in to the administration interface; there is no need to try to find input validation errors."
CVE-2014-7235 2 Freepbx, Sangoma 2 Freepbx, Freepbx 2019-12-10 10.0 HIGH N/A
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014.
CVE-2014-1903 2 Freepbx, Sangoma 2 Freepbx, Freepbx 2019-12-10 7.5 HIGH N/A
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
CVE-2012-4870 1 Sangoma 1 Freepbx 2019-12-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) context parameter to panel/index_amp.php or (2) panel/dhtml/index.php; (3) clid or (4) clidname parameters to panel/flash/mypage.php; (5) PATH_INFO to admin/views/freepbx_reload.php; or (6) login parameter to recordings/index.php.
CVE-2012-4869 1 Sangoma 1 Freepbx 2019-12-10 7.5 HIGH N/A
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.
CVE-2010-3490 1 Sangoma 1 Freepbx 2019-12-10 6.5 MEDIUM N/A
Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to admin/config.php, as demonstrated by creating a .php file under the web root.
CVE-2009-1801 2 Freepbx, Sangoma 2 Freepbx, Freepbx 2019-12-10 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to inject arbitrary web script or HTML via the (1) display parameter to reports.php, the (2) order and (3) extdisplay parameters to config.php, and the (4) sort parameter to recordings/index.php. NOTE: some of these details are obtained from third party information.
CVE-2009-1803 2 Freepbx, Sangoma 2 Freepbx, Freepbx 2019-12-10 5.0 MEDIUM N/A
FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, generates different error messages for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
CVE-2009-1802 2 Freepbx, Sangoma 2 Freepbx, Freepbx 2019-12-10 6.8 MEDIUM N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact.
CVE-2017-17430 1 Sangoma 2 Netborder\/vega Session, Netborder\/vega Session Firmware 2019-10-02 7.5 HIGH 9.8 CRITICAL
Sangoma NetBorder / Vega Session Controller before 2.3.12-80-GA allows remote attackers to execute arbitrary commands via the web interface.
CVE-2008-6598 1 Sangoma 1 Wanpipe 2017-08-16 10.0 HIGH N/A
Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related to "bri restart logic."