CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 3CVE-2016-1713 – Vtiger CRM 6.3.0 - (Authenticated) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2016-1713
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6000. Vulnerabilidad de subida de archivos sin restricciones en Vtger CRM 6.4.0 en Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php permite a los usuarios autenticados remotos ejecutar código arbitrario subiendo un archivo de imagen elaborado con una extensión ejecutable y accediendo a ella a través de una solicitud directa al archivo en test/logo/. NOTA: esta vulnerabilidad existe debido a una corrección incompleta para CVE-2015-6000. • https://www.exploit-db.com/exploits/44379 https://www.exploit-db.com/exploits/38345 http://b.fl7.de/2016/01/vtiger-crm-6.4-auth-rce.html http://www.openwall.com/lists/oss-security/2016/01/12/4 http://www.openwall.com/lists/oss-security/2016/01/12/7 - • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4834
https://notcve.org/view.php?id=CVE-2016-4834
modules/Users/actions/Save.php in Vtiger CRM 6.4.0 and earlier does not properly restrict user-save actions, which allows remote authenticated users to create or modify user accounts via unspecified vectors. modules/Users/actions/Save.php en Vtiger CRM 6.4.0 y versiones anteriores no restringe adecuadamente acciones user-save, lo que permite a usuarios remotos autenticados crear o modificar cuentas de usuarios a través de vectores no especificados. • http://code.vtiger.com/vtiger/vtigercrm/commit/7cdf9941197b4aa58114eafce3ce88fb418eb68c http://jvn.jp/en/jp/JVN01956993/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2016-000126 http://www.securityfocus.com/bid/92076 http://www.securitytracker.com/id/1036485 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 3CVE-2015-6000 – vTiger CRM 6.3.0 - (Authenticated) Remote Code Execution
https://notcve.org/view.php?id=CVE-2015-6000
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in test/logo/. Una vulnerabilidad de carga de archivos sin restricciones en la clase Settings_Vtiger_CompanyDetailsSave_Action en el archivo modules/Settings/Vtiger/actions/CompanyDetailsSave.php en Vtiger CRM versiones 6.3.0 y anteriores, permite a usuarios autenticados remotos ejecutar código arbitrario mediante la carga de un archivo con una extensión ejecutable, y luego acceder a él por medio de un petición directa al archivo en test/logo/. Vtiger CRM versions 6.3 and below suffer from an authenticated remote code execution vulnerability. • https://www.exploit-db.com/exploits/38345 http://b.fl7.de/2015/09/vtiger-crm-authenticated-rce-cve-2015-6000.html http://www.securityfocus.com//archive/1/536563/100/0/threaded - • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.4EPSS: 29%CPEs: 1EXPL: 1CVE-2014-2269
https://notcve.org/view.php?id=CVE-2014-2269
modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPassword parameters. modules/Users/ForgotPassword.php en vTiger 6.0 anterior a Security Patch 2 permite a atacantes remotos restablecer la contraseña para usuarios arbitrarios a través de una solicitud que contiene los parámetros username, password y confirmPassword. • http://vtiger-crm.2324883.n4.nabble.com/Vtigercrm-developers-IMP-forgot-password-and-re-installation-security-fix-tt9786.html http://www.securityfocus.com/bid/66758 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 96%CPEs: 30EXPL: 3CVE-2014-2268 – Vtiger - 'Install' Remote Command Execution
https://notcve.org/view.php?id=CVE-2014-2268
views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote attackers to re-install the application via a request that sets the X-Requested-With HTTP header, as demonstrated by executing arbitrary PHP code via the db_name parameter. views/Index.php en el módulo de instalación en vTiger 6.0 anterior a Security Patch 2 no restringe correctamente el acceso, lo que permite a atacantes remotos re-instalar la aplicación a través de una serie de peticiones configuradas como cabecera tipo X-Requested-With HTTP, como se demostró ejecutando código arbitrario a través del parámetro db_name. • https://www.exploit-db.com/exploits/32794 http://vtiger-crm.2324883.n4.nabble.com/Vtigercrm-developers-IMP-forgot-password-and-re-installation-security-fix-tt9786.html http://www.exploit-db.com/exploits/32794 http://www.securityfocus.com/bid/66757 https://www.navixia.com/blog/entry/navixia-find-critical-vulnerabilities-in-vtiger-crm-cve-2014-2268-cve-2014-2269.html • CWE-264: Permissions, Privileges, and Access Controls •