CVE-2009-1802

Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:freepbx:freepbx:2.4:*:*:*:*:*:*:*
cpe:2.3:a:freepbx:freepbx:2.4.0_beta1:*:*:*:*:*:*:*
cpe:2.3:a:freepbx:freepbx:2.4.0_beta2:*:*:*:*:*:*:*
cpe:2.3:a:freepbx:freepbx:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:freepbx:freepbx:2.5:*:*:*:*:*:*:*
cpe:2.3:a:freepbx:freepbx:2.5.0_beta1:*:*:*:*:*:*:*
cpe:2.3:a:freepbx:freepbx:2.5.0rc2:*:*:*:*:*:*:*
cpe:2.3:a:freepbx:freepbx:2.5.0rc3:*:*:*:*:*:*:*
cpe:2.3:a:freepbx:freepbx:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:freepbx:freepbx:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:freepbx:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:freepbx:2.5.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-05-28 14:30

Updated : 2024-02-04 17:33


NVD link : CVE-2009-1802

Mitre link : CVE-2009-1802

CVE.ORG link : CVE-2009-1802


JSON object : View

Products Affected

freepbx

  • freepbx

sangoma

  • freepbx
CWE
CWE-352

Cross-Site Request Forgery (CSRF)