CVE-2005-3824

CVE-2005-3824

EPSS 1.5%

The uploads module in vTiger CRM 4.2 and earlier allows remote attackers to upload arbitrary files, such as PHP files, via the add2db action.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://marc.info/?l=full-disclosure&m=113290708121951&w=2 http://secunia.com/advisories/17693 http://securitytracker.com/id?1015274 http://www.securityfocus.com/archive/1/417711/30/0/threaded http://www.securityfocus.com/bid/15569 http://www.vupen.com/english/advisories/2005/2569