FreePBX System Recordings Menu Arbitrary File Upload Vulnerability

Bugtraq ID: 43454
Class: Input Validation Error
CVE: CVE-2010-3490
Remote: Yes
Local: No
Published: Sep 23 2010 12:00AM
Updated: Sep 24 2010 03:11PM
Credit: Wendel G. Henrique of Trustwave's SpiderLabs
Vulnerable: freePBX freePBX 2.5.2
freePBX freePBX 2.5.1
freePBX freePBX 2.4.1
freePBX freePBX 2.2.1
freePBX freePBX 2.2 rc1
freePBX freePBX 2.1.3
freePBX freePBX trunk
freePBX freePBX 2.8.0
freePBX freePBX 2.6
freePBX freePBX 2.5
freePBX freePBX 2.4
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus