Known vulnerabilities in FreePBX FreePBX

Vendor: FreePBX

Website: https://www.freepbx.org/

Total Security Bulletins: 6

Security bulletins (6)

Secuity bulletin	Severity	Status	Published
SB2025082906: SQL injection in FreePBX	Critical	Patched Exploited	29.08.2025
SB2019112173: Improper Authentication in Sangoma FreePBX	High	Patched Exploited	21.11.2019
SB2019062011: Cross-site scripting in FreePBX	Low	Patched	20.06.2019
SB2014093001: Remote code execution in FreePBX	Critical	Patched Public exploit	30.09.2014
SB2014021802: Permissions, Privileges, and Access Controls in FreePBX	Medium	Patched Public exploit	18.02.2014
SB2012090603: Code Injection in FreePBX	Medium	Patched Public exploit	06.09.2012