Lucene search
K

638 matches found

Cvelist
Cvelist
added 2007/07/06 7:0 p.m.16 views

CVE-2007-3599

vtiger CRM before 5.0.3 allows remote authenticated users to import and export the information for a contact even when they only have the View permission...

6AI score0.01291EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/07/06 7:0 p.m.22 views

CVE-2007-3598

index.php in vtiger CRM before 5.0.3 allows remote authenticated users to obtain all users' names and e-mail addresses, and possibly change user settings, via a modified record parameter in a DetailView action to the Users module. NOTE: the vendor disputes the changing of settings, reporting that...

6.5AI score0.00966EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/07/06 7:0 p.m.21 views

CVE-2007-3601

vtiger CRM before 5.0.3, when a migrated build is used, allows remote authenticated users to read certain other users' calendar activities via a 1 home page or 2 event list view...

6.1AI score0.00842EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/10/16 12:0 a.m.28 views

FreeBSD : vtiger -- multiple remote file inclusion vulnerabilities (2c8a84d9-5bee-11db-a5ae-00508d6a62df)

Dedi Dwianto a.k.a theday reports : Input passed to the '$calpath' parameter in update.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

7.5CVSS5.7AI score0.07811EPSS
Exploits1References4
NVD
NVD
added 2006/10/13 8:7 p.m.15 views

CVE-2006-5289

Multiple PHP remote file inclusion vulnerabilities in Vtiger CRM 4.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the calpath parameter to 1 modules/Calendar/admin/update.php, 2 modules/Calendar/admin/scheme.php, or 3 modules/Calendar/calendar.php...

7.5CVSS7.6AI score0.07811EPSS
Exploits1References6
Cvelist
Cvelist
added 2006/10/13 8:0 p.m.25 views

CVE-2006-5289

Multiple PHP remote file inclusion vulnerabilities in Vtiger CRM 4.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the calpath parameter to 1 modules/Calendar/admin/update.php, 2 modules/Calendar/admin/scheme.php, or 3 modules/Calendar/calendar.php...

7.5AI score0.07811EPSS
Exploits1References6
CVE
CVE
added 2006/10/13 8:0 p.m.45 views

CVE-2006-5289

Vulnerability summary (CVE-2006-5289): Vtiger CRM 4.2 and earlier is affected by multiple PHP remote file inclusion flaws in the Calendar module (calpath parameter) affecting update.php, scheme.php, and calendar.php. The underlying issue is unsafely handling calpath, allowing an attacker to suppl...

7.5CVSS7.6AI score0.07811EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2006/10/11 12:0 a.m.42 views

[ECHO_ADV_54$2006]vtiger CRM <=4.2 (calpath) Multiple Remote File Inclusion Vulnerability

ECHOADV54$2006 ----------------------------------------------------------------------------------------------- ECHOADV54$2006vtiger CRM =4.2 calpath Multiple Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------------- Author ...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2006/10/10 12:0 a.m.17 views

vtiger CRM <= 4.2 (calpath) Multiple Remote File Include Vulnerabilities

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV54$2006 ----------------------------------------------------------------------------------------------- ECHOADV54$2006vtiger CRM =4.2 calpath Multiple Remote File Inclusion...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/10/10 12:0 a.m.34 views

vtiger CRM <= 4.2 (calpath) Multiple Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications ======================================================================== vtiger CRM = 4.2 calpath Multiple Remote File Include Vulnerabilities ======================================================================== \ /\ \ / | \ \ | / \ //...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/10 12:0 a.m.31 views

vTiger CRM 4.2 - &#039;calpath&#039; Multiple Remote File Inclusions

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV54$2006 ----------------------------------------------------------------------------------------------- ECHOADV54$2006vtiger CRM =4.2 calpath Multiple Remote File Inclusion Vulnerability...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/10/10 12:0 a.m.21 views

vTiger CRM 4.2 - calpath Multiple Remote File Inclusions

vTiger CRM 4.2 - calpath Multiple Remote File Inclusions \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV54$2006 ----------------------------------------------------------------------------------------------- ECHOADV54$2006vtiger CRM =4.2 calpath Multiple...

7.5AI score
Exploits0
FreeBSD
FreeBSD
added 2006/10/09 12:0 a.m.30 views

vtiger -- multiple remote file inclusion vulnerabilities

Dedi Dwianto a.k.a theday reports: Input passed to the "$calpath" parameter in update.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources...

7.5CVSS7.1AI score0.07811EPSS
Exploits1References2
securityvulns
securityvulns
added 2006/09/27 12:0 a.m.100 views

vtiger CRM 5 Beta Remote File Include Vulnerability

!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!! -------------------------------------------------------------------------------- Title : vtiger CRM 5 Beta Remote File Include Vulnerability -------------------------------------------------------------------------------- Author: CrackersChild cont@ct:...

1.3AI score
Exploits0
NVD
NVD
added 2006/09/07 12:4 a.m.12 views

CVE-2006-4617

Unrestricted file upload vulnerability in fileupload.html in vtiger CRM 4.2.4, and possibly earlier versions, allows remote attackers to upload and execute arbitrary files with executable extensions in the /cashe/mails folder...

7.5CVSS7.4AI score0.01296EPSS
Exploits0References2
Cvelist
Cvelist
added 2006/09/07 12:0 a.m.15 views

CVE-2006-4617

Unrestricted file upload vulnerability in fileupload.html in vtiger CRM 4.2.4, and possibly earlier versions, allows remote attackers to upload and execute arbitrary files with executable extensions in the /cashe/mails folder...

7.4AI score0.01296EPSS
Exploits0References2
CVE
CVE
added 2006/09/07 12:0 a.m.44 views

CVE-2006-4617

The CVE-2006-4617 entry documents an unrestricted file upload vulnerability in vtiger CRM 4.2.4 (and possibly earlier). The flaw is triggered via fileupload.html, permitting remote attackers to upload and execute arbitrary files with executable extensions in the /cashe/mails directory. The associ...

7.5CVSS7.8AI score0.01296EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2006/09/06 10:4 p.m.17 views

CVE-2006-4587

Multiple cross-site scripting XSS vulnerabilities in vtiger CRM 4.2.4, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 description parameter in unspecified modules or the 2 solution parameter in the HelpDesk module...

6.8CVSS5.9AI score0.0141EPSS
Exploits0References6
NVD
NVD
added 2006/09/06 10:4 p.m.14 views

CVE-2006-4588

vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to bypass authentication and access administrative modules via a direct request to index.php with a modified module parameter, as demonstrated using the Settings module...

7.5CVSS7.1AI score0.01696EPSS
Exploits1References5
CVE
CVE
added 2006/09/06 10:0 p.m.58 views

CVE-2006-4588

vtiger CRM 4.2.4 (and possibly earlier) contains an authentication-bypass vulnerability that lets remote attackers access administrative modules by issuing a direct request to index.php with a modified module parameter, demonstrated via the Settings module. Root cause: improper validation of the ...

7.5CVSS7.4AI score0.01696EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder