Mark J Crane

14 exploits. Active since Jun 2019.
CVE-2019-16986 | Severity: Medium | Writeup
FusionPBX < 4.5.7 - Path Traversal via Unsanitized Download Parameter
In FusionPBX up to v4.5.7, the file resources\download.php uses an unsanitized "f" variable coming from the URL, which takes any pathname and allows a download of it. (resources\secure_download.php is also affected.)
CVSS 6.5
CVE-2019-11410 | Severity: High | Writeup
FusionPBX 4.4.3 - Command Injection
app/backup/index.php in the Backup Module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute commands on the host.
CVSS 7.2
CVE-2019-16964 | Severity: High | Writeup
FusionPBX < 4.5.7 - Authenticated OS Command Injection in Call Center Queue Module
app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers (with at least the permission call_center_queue_add or call_center_queue_edit) to execute any commands on the host as www-data.
CVSS 8.8
CVE-2019-16965 | Severity: High | Writeup
FusionPBX < 4.5.7 - Authenticated OS Command Injection via cmd.php
resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data.
CVSS 7.2
CVE-2019-16969 | Severity: Medium | Writeup
FusionPBX < 4.5.7 - Cross-Site Scripting via Unsanitized 'c' URL Parameter
In FusionPBX up to 4.5.7, the file app\fifo_list\fifo_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVSS 6.1
CVE-2019-16978 | Severity: Medium | Writeup
FusionPBX < 4.5.7 - Cross-Site Scripting via Device Settings ID Parameter
In FusionPBX up to v4.5.7, the file app\devices\device_settings.php uses an unsanitized "id" variable coming from the URL, which is reflected on 2 occasions in HTML, leading to XSS.
CVSS 6.1
CVE-2019-16982 | Severity: Medium | Writeup
FusionPBX < 4.5.7 - Cross-Site Scripting via Unsanitized ID Parameter
In FusionPBX up to v4.5.7, the file app\access_controls\access_control_nodes.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVSS 6.1
CVE-2019-16984 | Severity: Medium | Writeup
FusionPBX < 4.5.7 - Cross-Site Scripting via Unsanitized Filename Parameter
In FusionPBX up to v4.5.7, the file app\recordings\recording_play.php uses an unsanitized "filename" variable coming from the URL, which is base64 decoded and reflected in HTML, leading to XSS.
CVSS 6.1
CVE-2019-16989 | Severity: Medium | Writeup
FusionPBX < 4.5.7 - Cross-Site Scripting via Unsanitized URL Parameter
In FusionPBX up to v4.5.7, the file app\conferences_active\conference_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVSS 6.1
CVE-2019-19384 | Severity: Medium | Writeup
FusionPBX 4.4.1 - Cross-Site Scripting via Fax UUID Parameter
A cross-site scripting (XSS) vulnerability in app/fax/fax_log_view.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the fax_uuid parameter.
CVSS 6.1
CVE-2019-19386 | Severity: Medium | Writeup
FusionPBX 4.4.1 - Cross-Site Scripting via Voicemail Greeting Edit Parameters
A cross-site scripting (XSS) vulnerability in app/voicemail_greetings/voicemail_greeting_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the id and/or voicemail_id parameter.
CVSS 6.1
CVE-2019-19388 | Severity: Medium | Writeup
FusionPBX 4.4.1 - Cross-Site Scripting via dialplan_uuid Parameter
A cross-site scripting (XSS) vulnerability in app/dialplans/dialplan_detail_edit.php in FusionPBX 4.4.1 allows remote attackers to inject arbitrary web script or HTML via the dialplan_uuid parameter.
CVSS 6.1
CVE-2020-21054 | Severity: Medium | Writeup
FusionPBX 4.5.7 - Cross-Site Scripting via Unsanitized 'f' Variable
Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.7 allows remote malicious users to inject arbitrary web script or HTML via an unsanitized "f" variable in app\vars\vars_textarea.php.
CVSS 6.1