AI Score
Confidence
High
EPSS
Percentile
88.2%
plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter.
packetstormsecurity.com/files/128030/XRMS-Blind-SQL-Injection-Command-Execution.html
seclists.org/fulldisclosure/2014/Aug/78
www.exploit-db.com/exploits/34452
www.openwall.com/lists/oss-security/2014/08/27/4
www.openwall.com/lists/oss-security/2014/08/29/1