CVE

Id
58112  
CVE No.
CVE-2012-4869  
Status
Candidate  
Description
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.  
Phase
Assigned (20120906)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
597169 58112 CVE-2012-4869 EXPLOIT-DB:18649  View
597170 58112 CVE-2012-4869 URL:http://www.exploit-db.com/exploits/18649  View
597171 58112 CVE-2012-4869 EXPLOIT-DB:18659  View
597172 58112 CVE-2012-4869 URL:http://www.exploit-db.com/exploits/18659  View
597173 58112 CVE-2012-4869 FULLDISC:20120320 FreePBX remote command execution, xss  View
597174 58112 CVE-2012-4869 URL:http://seclists.org/fulldisclosure/2012/Mar/234  View
597175 58112 CVE-2012-4869 MISC:http://packetstormsecurity.org/files/111028/FreePBX-2.10.0-Remote-Command-Execution-XSS.html  View
597176 58112 CVE-2012-4869 CONFIRM:http://www.freepbx.org/trac/ticket/5711  View
597177 58112 CVE-2012-4869 BID:52630  View
597178 58112 CVE-2012-4869 URL:http://www.securityfocus.com/bid/52630  View
597179 58112 CVE-2012-4869 SECUNIA:48463  View
597180 58112 CVE-2012-4869 URL:http://secunia.com/advisories/48463  View
597181 58112 CVE-2012-4869 XF:freepbx-callmepage-command-exec(74174)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
28480 JVNDB-2012-004187 Another WordPress Classifieds Plugin における脆弱性 Another WordPress Classifieds Plugin には、"画像のアップロード (image uploads)" に関する処理に不備があるため、不特定の影響を受ける脆弱性が存在します。 CVE-2012-4874 58112 10 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004187.html  View