FreePBX System Recordings Menu Arbitrary File Upload Vulnerability

FreePBX is prone to an arbitrary file-upload vulnerability because it fails to properly sanitize user-supplied input.

An attacker can leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the webserver.

FreePBX 2.8.0 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus