resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative malicious users to execute any commands on the host as www-data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fusionpbx fusionpbx |