CVE-2005-3824

CVE-2005-3824

EPSS 1.5%

The uploads module in vTiger CRM 4.2 and earlier allows remote attackers to upload arbitrary files, such as PHP files, via the add2db action.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://marc.info/?l=full-disclosure&m=113290708121951&w=2 http://secunia.com/advisories/17693 http://securitytracker.com/id?1015274 http://www.securityfocus.com/archive/1/417711/30/0/threaded http://www.securityfocus.com/bid/15569 http://www.vupen.com/english/advisories/2005/2569