← back
CVE-2005-3823

CVE-2005-3823

EPSS 1.7%
The Users module in vTiger CRM 4.2 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary file in the templatename parameter, which is passed to the eval function.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=full-disclosure&m=113290708121951&w=2http://secunia.com/advisories/17693http://securitytracker.com/id?1015274http://www.securityfocus.com/archive/1/417711/30/0/threadedhttp://www.securityfocus.com/bid/15569http://www.vupen.com/english/advisories/2005/2569