what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files

FreePBX 10.13.66 Remote Command Execution / Privilege Escalation
Posted Oct 22, 2016
Authored by Christopher Davis

FreePBX version 10.13.66 suffers from remote command execution and privilege escalation vulnerabilities.

tags | exploit, remote, vulnerability
SHA-256 | 0e78946ab50b06ff02464f83d40a65173f267a943a054ee0e20ccb5441084794

Related Files

FreePBX Remote Code Execution
Posted Jan 9, 2017
Authored by inj3ctor3

FreePBX versions prior to 2.11.1.5 suffer from a code execution vulnerability.

tags | exploit, code execution
advisories | CVE-2014-7235
SHA-256 | df5146d88c9939c5e6bb4891ce781d0b992577957681a469bc8626811f5cd64e
FreePBX Remote Command Execution
Posted Sep 28, 2016
Authored by Ahmed Sultan

FreePBX versions prior to 13.0.188 remote root exploit.

tags | exploit, remote, root
SHA-256 | c50d60263569d98ac322bb608bf8b7cb2500c42bb78316971aa0bc255d1c9a75
FreePBX 13.0.x Code Execution
Posted Sep 7, 2016
Authored by i-Hmx

FreePBX versions prior to 13.0.154 suffer from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 319c000813d183950d7b33d2c579b62062547a307f38619721fde20f435e3458
Freepbx 13.0.35 SQL Injection
Posted Aug 29, 2016
Authored by i-Hmx

Freepbx version 13.0.35 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f71cd00e2fd0cddbaa2279de836b448a9e77c13832747b5c8571efd07ff97030
FreePBX 13.0.35 Remote Code Execution
Posted Aug 25, 2016
Authored by Ahmed Sultan

FreePBX version 13.0.35 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 9f37827142bf53b0013d7940253b895919f35fe0422d0f437e0b24e641c86bbd
FreePBX 13 / 14 Remote Command Execution
Posted Aug 12, 2016
Authored by pgt | Site nullsecurity.net

FreePBX versions 13 and 14 remote command execution exploit.

tags | exploit, remote
SHA-256 | c79a97241bdd04c65cedc2b0e939895e14322014e67f5998b5132b036e7d75ac
FreePBX 12.0.43 Cross Site Scripting
Posted Apr 22, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

FreePBX version 12.0.43 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-2690
SHA-256 | d9d53b3b7599d87fc38d7ee9ff08ed12b0135076e823739c358307a8c50d03b8
FreePBX Authentication Bypass / Account Creation
Posted Oct 1, 2014
Authored by Rob Thomas

A remote attacker can bypass authentication and create a false FreePBX Administrator account, which will then let them perform any action on a FreePBX system as the FreePBX user (which is often 'asterisk' or 'apache'). As of 2014/10/01 all versions of FreePBX are affected.

tags | advisory, remote, bypass
SHA-256 | 260d4b01eefece16b936fcbf58b1831d277210366a095cd34a9abbeb2d4109df
FreePBX config.php Remote Code Execution
Posted Mar 25, 2014
Authored by i-Hmx, 0x00string | Site metasploit.com

This Metasploit module exploits a vulnerability found in FreePBX version 2.9, 2.10, and 2.11. It's possible to inject arbitrary PHP functions and commands in the "/admin/config.php" parameters "function" and "args".

tags | exploit, arbitrary, php
advisories | CVE-2014-1903
SHA-256 | 1c02024d4a3f7042c08772f0fe212d3e817f272a686805a55db99a37717d3b29
FreePBX 2.x Remote Command Execution
Posted Feb 24, 2014
Authored by i-Hmx

FreePBX versions before 2.3 suffer from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 1b6ab5d6eea2edb5fba249fb2cfe50bfe3208ae7e99bf070ba3cfb23ec2b8e63
FreePBX 2.9 Remote Code Execution
Posted Feb 14, 2014
Authored by Rob Thomas

FreePBX version 2.9 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2014-1903
SHA-256 | d2b9cce20ce59a9ea58ad61bcebc7faee7331c69e786ddbe3786953df0a89e60
FreePBX 2.x Code Execution
Posted Feb 11, 2014
Authored by i-Hmx

FreePBX 2.x suffers from a remote PHP code execution vulnerability due to a poor file validation methodology.

tags | advisory, remote, php, code execution
SHA-256 | 20c5cc704d10be24460de25cdb7eff337ee9976184e28a9640960869ae57d7d7
FreePBX 2.9 Remote Command Execution
Posted Apr 27, 2013
Authored by Ahmed Aboul-Ela

FreePBX version 2.9 suffers from a backup module remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 0f737c88245ed86d1ced573e55dc41069885055dbdb06ade39b3d6fddb9f0145
Secunia Security Advisory 48475
Posted Mar 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in FreePBX, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 3e11e605551ce5aea6d41b5e3cfa6d51aef462e3688ddc49c631f9626177878e
Secunia Security Advisory 48463
Posted Mar 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in FreePBX, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | c63114d25e7f9af0569218dad87683e917da1784e07212f2fe8a4a747188bbc7
FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution
Posted Mar 26, 2012
Authored by muts | Site metasploit.com

This Metasploit module exploits FreePBX version 2.10.0,2.9.0 and possibly older. Due to the way callme_page.php handles the 'callmenum' parameter, it is possible to inject code to the '$channel' variable in function callme_startcall in order to gain remote code execution. Please note in order to use this module properly, you must know the extension number, which can be enumerated or bruteforced, or you may try some of the default extensions such as 0 or 200. Also, the call has to be answered (or go to voice). Tested on both Elastix and FreePBX ISO image installs.

tags | exploit, remote, php, code execution
SHA-256 | 732f9a89390a847e9a30d1b733961bd71e76e38457ac805770011388b929d0cc
FreePBX 2.10.0 / Elastic 2.2.0 Remote Code Execution
Posted Mar 23, 2012
Authored by muts

FreePBX version 2.10.0 and Elastic version 2.2.0 remote root code execution exploit.

tags | exploit, remote, root, code execution
SHA-256 | 984ef9b4d46d202068534bc7c0391749912cfe24b026e014bc264260d6e0af46
FreePBX 2.10.0 Remote Command Execution / XSS
Posted Mar 21, 2012
Authored by Martin Tschirsich

FreePBX versions 2.10.0, 2.9.0, and perhaps earlier versions suffer from cross site scripting and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss
SHA-256 | c0dc63cbf6a988c5ad9949e03b41cdc392dd8ee9f96e32b725cc523d6c490d96
FreePBX Credential Disclosure
Posted Feb 15, 2012
Authored by Doug W

FreePBX suffers from a remote credential disclosure vulnerability via the web interface.

tags | exploit, remote, web, info disclosure
SHA-256 | 986a288fdcbc5a09424b1c75b72e3a792b623c2cfae4c5430ae2a3d6ac579056
FreePBX 2.9.0.6 Shell Upload
Posted Jun 9, 2011
Authored by Tiago Ferreira

FreePBX version 2.9.0.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | cb8226143db3ebda4bebf218daf1ea53d4eaae1e51fdd173018111166c720280
Secunia Security Advisory 41556
Posted Sep 27, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in FreePBX, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
SHA-256 | ed8f5fab4915b01c648bcab362b0e5e79246bf18310da9af0d967072c3aced9f
FreePBX 2.8.0 Code Execution
Posted Sep 24, 2010
Authored by Trustwave | Site trustwave.com

FreePBX versions 2.8.0 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2010-3490
SHA-256 | d839195f9db7fa9e1b80afddfe9fb68b622f5255ab3e52b81e30ba662b8c23e6
Secunia Security Advisory 41558
Posted Sep 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in FreePBX, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 6399efce66e098af0e3a7aadd499306b1d999ba3b90f0c7a37ccc44393057f1e
Secunia Security Advisory 38300
Posted Jan 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in FreePBX, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 0f17e44a2df277fcd515c24d933418bdcca497366bfa2c733a61e79984fc4301
Secunia Security Advisory 38299
Posted Jan 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in FreePBX, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | a56d3d3579229e70f753614ace04cb3deb9db09d245d4023282d54a50dc50565
Page 1 of 2
Back12Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close