Sangoma FreePBX 2.9
Approved changes feed: RSS · Atom
cpe:2.3:a:sangoma:freepbx:2.9:*:*:*:*:*:*:*
part: a version: 2.9 update: *
| Vendor | Sangoma (d67f1eae-5751-5e76-a443-3846a37ebaf1) |
|---|---|
| Product | Freepbx (e9bb594c-71db-5304-9653-3ac665826160) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:freepbx/freepbx/framework |
purl2cpe | 2026-06-01 10:12:27.455793 |
pkg:github/freepbx/framework |
purl2cpe | 2026-06-01 10:12:27.455794 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2014-1903 |
vulnerable | 2026-06-03 14:33:48.950846 |
Details available
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
Published: 2014-02-18T11:00:00.000Z
Updated: 2024-08-06T09:58:14.499Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-4869 |
vulnerable | 2026-06-03 14:32:26.010639 |
Details available
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.
Published: 2012-09-06T17:00:00.000Z
Updated: 2024-08-06T20:50:17.817Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.