Lucene search
SAINT CorporationSAINT:D3CD7B9301946846EF28CE959B32D7C3HistoryJan 10, 2014 - 12:00 a.m.
vTiger CRM AddEmailAttachment arbitrary file upload
2014-01-1000:00:00
SAINT Corporation
www.saintcorporation.com
11
0.85 High
EPSS
Percentile
98.5%
Added: 01/10/2014
CVE: CVE-2013-3214
BID: 61558
OSVDB: 95902
Background
vTiger CRM is a customer relationship management application written in PHP.
Problem
An arbitrary file upload vulnerability when handling SOAP AddEmailAttachment requests allows remote attackers to execute arbitrary commands by uploading PHP scripts under the web root.
Resolution
Upgrade to version 6.0 when available, or apply the patch. Note that the patch only prevents exploitation by unauthenticated attackers.
References
<http://seclists.org/bugtraq/2013/Aug/7>
Limitations
Exploit works on vTiger CRM 5.4.0.
Related
prion
prion
Code injection
2020-01-28 21:15:00
cvelist
cvelist
CVE-2013-3214
2020-01-28 20:27:32
securityvulns
securityvulns
saint
saint
vTiger CRM AddEmailAttachment arbitrary file upload
2014-01-10 00:00:00
vTiger CRM AddEmailAttachment arbitrary file upload
2014-01-10 00:00:00
vTiger CRM AddEmailAttachment arbitrary file upload
2014-01-10 00:00:00
seebug
seebug
vTiger CRM SOAP AddEmailAttachment任意文件上传漏洞
2014-01-08 00:00:00
vtiger CRM <= 5.4.0 (SOAP Services) - Multiple Vulnerabilities
2014-07-01 00:00:00
cve
cve
CVE-2013-3214
2020-01-28 21:15:11
openvas
openvas
vTiger CRM PHP Code Injection Vulnerability
2014-01-30 00:00:00
nvd
nvd
CVE-2013-3214
2020-01-28 21:15:11
zdt
zdt
vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload Vulnerability
2014-01-07 00:00:00
vtiger CRM <= 5.4.0 (SOAP Services) - Multiple Vulnerabilities
2013-08-03 00:00:00
dsquare
dsquare
vtiger CRM 5.4.0 File Upload
2014-03-10 00:00:00
packetstorm
packetstorm
vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
2014-01-07 00:00:00
exploitpack
exploitpack
vTiger CRM 5.4.0 SOAP - Multiple Vulnerabilities
2013-08-02 00:00:00
exploitdb
exploitdb
vTiger CRM 5.4.0 SOAP - Multiple Vulnerabilities
2013-08-02 00:00:00