Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown
CVE-2020-21055
Disclosure Date: May 20, 2021 (last updated February 22, 2025)
A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any file of the system.via the (1) folder, (2) filename, and (3) newfilename variables in app\edit\filerename.php.
0
Attacker Value
Unknown
CVE-2020-21054
Disclosure Date: May 20, 2021 (last updated February 22, 2025)
Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "f" variable in app\vars\vars_textarea.php.
0
Attacker Value
Unknown
CVE-2020-21057
Disclosure Date: May 20, 2021 (last updated February 22, 2025)
Directory Traversal vulnerability in FusionPBX 4.5.7, which allows a remote malicious user to delete folders on the system via the folder variable to app/edit/folderdelete.php.
0
Attacker Value
Unknown
CVE-2020-21056
Disclosure Date: May 20, 2021 (last updated February 22, 2025)
Directory Traversal vulnerability exists in FusionPBX 4.5.7, which allows a remote malicious user to create folders via the folder variale to app\edit\foldernew.php.
0
Attacker Value
Unknown
CVE-2020-21053
Disclosure Date: May 20, 2021 (last updated February 22, 2025)
Cross Site Scriptiong (XSS) vulnerability exists in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "query_string" variable in app\devices\device_imports.php.
0
