📦 Fusionpbx

CVE-2022-28055 is a command injection vulnerability in FusionPBX's email log download function that allows authenticated attackers to execute arbitrary commands on the server. This affects all FusionP...

FusionPBX before version 4.5.30 contains a filename sanitization vulnerability in FAX file handling. Attackers can exploit risky characters in FAX filenames to potentially execute arbitrary code or ac...

CVE-2021-43406 is an input validation vulnerability in FusionPBX where the fax_post_size parameter accepts risky characters instead of being constrained to preset values. This allows attackers to pote...

This CVE describes a directory traversal vulnerability in FusionPBX 4.5.7 that allows authenticated remote attackers to delete arbitrary folders on the system. The vulnerability exists in the folderde...