CVSS: 6.0EPSS: 1%CPEs: 25EXPL: 0CVE-2010-3909 – Vtiger CRM 5.2.0 Code Execution / Cross Site Scripting / Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-3909
Incomplete blacklist vulnerability in config.template.php in vtiger CRM before 5.2.1 allows remote authenticated users to execute arbitrary code by using the draft save feature in the Compose Mail component to upload a file with a .phtml extension, and then accessing this file via a direct request to the file in the storage/ directory tree. Vulnerabilidad de la lista negra incompleta en config.template.php en vtiger CRM antes de v5.2.1 permite a usuarios remotos autenticados ejecutar código arbitrario mediante la característica de guardado de borrador en el componente Compose Mail para cargar un archivo con extensión .phtml, y luego acceder a este archivo a través de una solicitud directa al archivo en el almacenamiento / árbol de directorios. Vtiger CRM 5.2.0 suffers from code execution, cross site scripting and local file inclusion vulnerabilities. • http://secunia.com/advisories/42246 http://vtiger.com/blogs/2010/11/16/vtiger-crm-521-is-released http://wiki.vtiger.com/index.php/Vtiger521:Release_Notes http://www.securityfocus.com/archive/1/514846/100/0/threaded http://www.ush.it/team/ush/hack-vtigercrm_520/vtigercrm_520.txt • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 1CVE-2009-3257
https://notcve.org/view.php?id=CVE-2009-3257
vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile. vtiger CRM anteriores a v5.1.0 permite a usuarios remotos autenticados evitar los permisos de los campos (1) Cuenta de dirección de pago y (2) Dirección de envío en un perfil de Orden de Ventas (SO) asociado con aquel perfil. • http://secunia.com/advisories/36309 http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/5055 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 23EXPL: 0CVE-2009-3258
https://notcve.org/view.php?id=CVE-2009-3258
vtiger CRM before 5.1.0 allows remote authenticated users, with certain View privileges, to delete (1) attachments, (2) reports, (3) filters, (4) views, and (5) tickets; insert (6) attachments, (7) reports, (8) filters, (9) views, and (10) tickets; and edit (11) reports, (12) filters, (13) views, and (14) tickets via unspecified vectors. vtiger CRM anteriores a v5.1.0 permite a usuarios autenticados, con algunos privilegios de Vista, borrar (1) adjuntos, (2) informes, (3) filtros, (4) Vistas, y (5) tickets; insertar (6) adjuntos, (7) informes, (8) filtros, (9) vistas, y (10) tickets; y editar (11) informes, (12) filtros, (13) vistas, y (14) tickets a través de vectores sin especificar. • http://forums.vtiger.com/viewtopic.php?t=15094 http://forums.vtiger.com/viewtopic.php?t=16756 http://secunia.com/advisories/36309 http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/5249 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 5%CPEs: 1EXPL: 5CVE-2009-3250 – vTiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-3250
The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php. on Windows, or (3) .php/ on Linux, and then making a direct request to a certain pathname under storage/. El procedimiento "saveForwardAttachments" de la funcionalidad "Crear correo" de vtiger CRM v5.0.4 permite a usuarios remotos autenticados ejecutar código de su elección creando un mensaje de correo electrónico con un fichero adjunto cuyo nombre acabe en (1) .php en entornos basados en configuraciones determinadas del servidor HTTP Apache, (2) .php. en Windows, o (3) .php/ en Linux; y, a continuación, realizando una petición directa a una ruta de directorio bajostorage/. • https://www.exploit-db.com/exploits/9450 http://marc.info/?l=bugtraq&m=125060676515670&w=2 http://secunia.com/advisories/36309 http://www.exploit-db.com/exploits/9450 http://www.osvdb.org/57237 http://www.securityfocus.com/bid/36062 http://www.ush.it/2009/08/18/vtiger-crm-504-multiple-vulnerabilities http://www.ush.it/team/ush/hack-vtigercrm_504/vtigercrm_504.txt http://www.vupen.com/english/advisories/2009/2319 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 3%CPEs: 1EXPL: 7CVE-2009-3248 – vTiger CRM 5.0.4 - Remote Code Execution / Cross-Site Request Forgery / Local File Inclusion / Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-3248
Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en el módulo RSS de vtiger CRM v5.0.4, permite a atacantes remotos secuestrar la autenticación de los usuarios Admin para solicitudes que modifican el sistema de fuentes de noticias a través del parámetro rssurl en una acción Save -guardar- en index.php. • https://www.exploit-db.com/exploits/9450 http://marc.info/?l=bugtraq&m=125060676515670&w=2 http://secunia.com/advisories/36309 http://www.exploit-db.com/exploits/9450 http://www.osvdb.org/57238 http://www.securityfocus.com/bid/36062 http://www.ush.it/2009/08/18/vtiger-crm-504-multiple-vulnerabilities http://www.ush.it/team/ush/hack-vtigercrm_504/vtigercrm_504.txt http://www.vupen.com/english/advisories/2009/2319 • CWE-352: Cross-Site Request Forgery (CSRF) •