Tag Archives: injection

FreePBX security advisory for version 2.5.1

On 15/1/2010 a security advisory was released for FreePBX version 2.5.1 (and potentially earlier versions) concerning a SQL injection vulnerability. If you are running this version then I would suggest upgrading to version 2.5.2. You can find more details of the vulnerability here.

You can upgrade through the FreePBX GUI by using the module admin menu. Here are the steps –

* While FreePBX 2.6 is available please make sure you’re aware of any implications before updating to this version.

1 – Select the ‘Module Admin’ menu

2 – Click ‘Upgrade All’

3 – Click ‘Process’

4 – Click ‘Confirm’

5 – Click ‘Return’

6 -Click ‘Apply Changes’