Full title: FreePBX config.php Remote Code Execution Vulnerability 
Category: remote exploits
Platform: php
This Metasploit module exploits a vulnerability found in FreePBX version 2.9, 2.10, and 2.11. It's possible to inject arbitrary PHP functions and commands in the "/admin/config.php" parameters "function" and "args".

# 0day.today @ http://0day.today/