Lucene search
MitreCVELIST:CVE-2013-3213HistoryApr 02, 2014 - 2:00 p.m.
CVE-2013-3213
2014-04-0214:00:00
mitre
raw.githubusercontent.com
1
Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 through 5.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) picklist_name parameter in the get_picklists method to soap/customerportal.php, (2) where parameter in the get_tickets_list method to soap/customerportal.php, or (3) emailaddress parameter in the SearchContactsByEmail method to soap/vtigerolservice.php; or remote authenticated users to execute arbitrary SQL commands via the (4) emailaddress parameter in the SearchContactsByEmail method to soap/thunderbirdplugin.php.
Related
openvas
openvas
Vtiger CRM Multiple SQLi Vulnerabilities (Apr 2014)
2014-04-17 00:00:00
dsquare
dsquare
vtiger CRM 5.4.0 get_picklists SQLi
2014-03-10 00:00:00
vtiger CRM 5.4.0 get_tickets_list SQLi
2014-03-10 00:00:00
securityvulns
securityvulns
prion
prion
Sql injection
2014-04-02 16:05:00
cve
cve
CVE-2013-3213
2014-04-02 16:05:49
seebug
seebug
vtiger CRM <= 5.4.0 (SOAP Services) - Multiple Vulnerabilities
2014-07-01 00:00:00
exploitpack
exploitpack
vTiger CRM 5.4.0 SOAP - Multiple Vulnerabilities
2013-08-02 00:00:00
zdt
zdt
vtiger CRM <= 5.4.0 (SOAP Services) - Multiple Vulnerabilities
2013-08-03 00:00:00
exploitdb
exploitdb
vTiger CRM 5.4.0 SOAP - Multiple Vulnerabilities
2013-08-02 00:00:00