2019-06-20 16:29:38
mitre
PUBLISHED
FreePBX 13 and 14 has SQL Injection in the DISA module via the hangup variable on the /admin/config.php?display=disa&view=form page.