CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 7CVE-2009-3249 – vTiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-3249
Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the module parameter to graph.php; or the (2) module or (3) file parameter to include/Ajax/CommonAjax.php, reachable through modules/Campaigns/CampaignsAjax.php, modules/SalesOrder/SalesOrderAjax.php, modules/System/SystemAjax.php, modules/Products/ProductsAjax.php, modules/uploads/uploadsAjax.php, modules/Dashboard/DashboardAjax.php, modules/Potentials/PotentialsAjax.php, modules/Notes/NotesAjax.php, modules/Faq/FaqAjax.php, modules/Quotes/QuotesAjax.php, modules/Utilities/UtilitiesAjax.php, modules/Calendar/ActivityAjax.php, modules/Calendar/CalendarAjax.php, modules/PurchaseOrder/PurchaseOrderAjax.php, modules/HelpDesk/HelpDeskAjax.php, modules/Invoice/InvoiceAjax.php, modules/Accounts/AccountsAjax.php, modules/Reports/ReportsAjax.php, modules/Contacts/ContactsAjax.php, and modules/Portal/PortalAjax.php; and allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the step parameter in an Import action to the (4) Accounts, (5) Contacts, (6) HelpDesk, (7) Leads, (8) Potentials, (9) Products, or (10) Vendors module, reachable through index.php and related to modules/Import/index.php and multiple Import.php files. Múltiples vulnerabilidades de salto de directorio en vtiger CRM versión 5.0.4, permiten a los atacantes remotos incluir y ejecutar archivos locales arbitrarios por medio de un .. (punto punto) en (1) el parámetro module en el archivo graph.php; o el parámetro (2 ) module o (3) file en el archivo include/Ajax/CommonAjax.php, accesible por medio de los archivos modules/Campaigns/CampaignsAjax.php, modules/SalesOrder/SalesOrderAjax.php, modules/System/SystemAjax.php, modules/Products/ProductsAjax.php, modules/uploads/uploadsAjax.php, modules/Dashboard/DashboardAjax.php, modules/Potentials/PotentialsAjax.php, modules/Notes/ NotesAjax.php, modules/Faq/FaqAjax.php, modules/Quotes/QuotesAjax.php, modules/Utilities/UtilitiesAjax.php, modules/Calendar/ActivityAjax.php, modules/Calendar/CalendarAjax.php, modules/PurchaseOrder/PurchaseOrderAjax.php, modules/ HelpDesk/HelpDeskAjax.php, modules/Invoice/InvoiceAjax.php, modules/Accounts/AccountsAjax.php, modules/Reports/ReportsAjax.php, modules/Contacts/ContactsAjax.php y modules/Portal/PortalAjax.php; y permitir que los usuarios autenticados remotos incluyan y ejecuten archivos locales arbitrarios por medio de un .. • https://www.exploit-db.com/exploits/9450 https://www.exploit-db.com/exploits/16280 http://marc.info/?l=bugtraq&m=125060676515670&w=2 http://secunia.com/advisories/36309 http://securityreason.com/securityalert/8118 http://www.exploit-db.com/exploits/9450 http://www.osvdb.org/57239 http://www.securityfocus.com/bid/36062 http://www.ush.it/2009/08/18/vtiger-crm-504-multiple-vulnerabilities http://www.ush.it/team/ush/hack-vtigercrm_504/vtigercrm_504.txt http:// • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 3CVE-2008-3101 – vTiger CRM 5.0.4 - Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-3101
Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) the parenttab parameter in an index action to the Products module, as reachable through index.php; (2) the user_password parameter in an Authenticate action to the Users module, as reachable through index.php; or (3) the query_string parameter in a UnifiedSearch action to the Home module, as reachable through index.php. Multiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en vtiger CRM 5.0.4 permiten a atacantes remotos inyectar web script o HTML a través del parámetro (1) parenttab en una acción index del módulo Products, como se llega a través de index.php; (2) el parámetro user_password en una acción Authenticate del módulo Users, como se llega a través de index.php; o (3) el parámetro query_string en una acción UnifiedSearch del módulo Home, como se llega a través de index.php. vtigerCRM version 5.0.4 suffers from multiple cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/32307 http://secunia.com/advisories/31679 http://securityreason.com/securityalert/4208 http://www.datensalat.eu/~fabian/cve/CVE-2008-3101-vtigerCRM.html http://www.securityfocus.com/archive/1/495885/100/0/threaded http://www.securityfocus.com/bid/30951 http://www.vtiger.de/vtiger-crm/downloads/patches.html?tx_abdownloads_pi1%5Baction%5D=getviewdetailsfordownload&tx_abdownloads_pi1%5Buid%5D=128&tx_abdownloads_pi1%5Bcategory_uid%5D=5&cHash=e16be773a5 http:// • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2008-3458
https://notcve.org/view.php?id=CVE-2008-3458
Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory. Vtiger CRM versiones anteriores a 5.0.4 almacena información sensible bajo la raíz web con insuficiente control de acceso, lo cual permite a atacantes remotos leer plantillas combinadas de mail a través de una petición directa al directorio wordtemplatedownload. • http://secunia.com/advisories/28370 http://sourceforge.net/project/shownotes.php?release_id=567189 http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/11811 http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2107 http://wiki.vtiger.com/index.php/Vtiger_CRM_5.0.4_-_Release_Notes http://www.osvdb.org/40218 http://www.securityfocus.com/bid/27228 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3604
https://notcve.org/view.php?id=CVE-2007-3604
vtiger CRM before 5.0.3 allows remote authenticated users with access to the Analytics DashBoard menu to bypass data restrictions and read the pipeline of the entire organization, possibly involving modules/Potentials/Potentials.php. vtiger CRM versiones anteriores a 5.0.3 permite a usuarios remotos autenticados con acceso al menú Analytics DashBoard evitar restricciones de datos y leer la lista de acciones próximas de la organización entera, posiblemente involucrando modules/Potentials/Potentials.php. • http://forums.vtiger.com/viewtopic.php?p=44717 http://osvdb.org/45783 http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/10423 http://trac.vtiger.com/cgi-bin/trac.cgi/report/9 http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/3196 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3617
https://notcve.org/view.php?id=CVE-2007-3617
The report module in vtiger CRM before 5.0.3 does not properly apply security rules, which allows remote authenticated users to read arbitrary private module entries. El módulo informe en vtiger CRM versiones anteriores a 5.0.3 no aplica apropiadamente las reglas de seguridad, lo cual permite a usuarios remotos autenticados leer entradas de módulo privadas de su elección. • http://osvdb.org/45804 http://trac.vtiger.com/cgi-bin/trac.cgi/report/9 http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2692 •