Vulnerabilidades em FreePBX
31 resultadosCVE-2025-55209MEDIUMFreePBX UCP is Vulnerable to Stored XSS Through its User Control PanelEPSS 0.3%CVE-2026-28210HIGHFreePBX: Authenticated SQL Injection in CDR (Call Data Record) ReportsEPSS 0.3%CVE-2025-55210LOWFreePBX API has a Privilege Escalation Error in GraphQL Allowing Authenticated Users to Access Additional ScopesEPSS 0.3%CVE-2026-44238HIGHFreePBX: Authenticated SQL Injection via ORDER BY in CDR ReportsEPSS 0.3%CVE-2026-44239HIGHFreePBX: Authenticated Local File Inclusion in Dashboard ModuleEPSS 0.3%CVE-2026-28284HIGHFreePBX: Authenticated SQL Injection Vulnerabilities in FreePBX Logfiles ModuleEPSS 0.2%CVE-2025-62173HIGHAuthenticated SQL Injection in Endpoint Module Rest APIEPSS 0.2%CVE-2025-67513MEDIUMFreePBX Endpoint Manager's Weak Default Password Allows Unauthenticated Access in Endpoint Module REST APIEPSS 0.2%CVE-2026-44237HIGHFreePBX: Authenticated Access can lead to Subsequent OAuth2 Authentication Bypass in API ModuleEPSS 0.2%CVE-2025-59429HIGHFreePBX core module vulnerable to reflected cross-site scripting via Asterisk HTTP Status pageEPSS 0.2%CVE-2025-67722MEDIUMAuthenticated amportal search for ‘freepbx_engine’ in non root writeable directories leads to potential privilege escalationEPSS 0.1%