Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation that allows authenticated non-administrative attackers to execute commands on the host. This can further lead to remote code execution when combined with an XSS vulnerability also present in the FusionPBX Operator Panel module.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FusionPBX Operator Panel模块跨站脚本漏洞
Vulnerability Description
FusionPBX是一套可扩展、多线程的通信平台。 该平台可作为呼叫中心服务器、传真服务器、voip服务器、语音邮件服务器、会议服务器和语音应用服务器等。Operator Panel module是其中的一个操作面板模块。该平台可作为呼叫中心服务器、传真服务器、voip服务器、语音邮件服务器、会议服务器和语音应用服务器等。 FusionPBX 4.4.3版本中的Operator Panel模块的app/operator_panel/exec.php文件存在跨站脚本漏洞,该漏洞源于程序缺少输入验证检测。攻击
CVSS Information
N/A
Vulnerability Type
N/A