Lucene search
K

6 matches found

CVE
CVE
added 2013/10/04 8:0 p.m.82 views

CVE-2013-5091

The CVE affects vtiger CRM (CalendarCommon.php) where SQL injection is possible via the onlyforuser parameter passed to index.php. Affected: vtiger CRM 5.4.0 and likely earlier. Root cause: insufficient validation of the onlyforuser input leading to arbitrary SQL execution; exploitation requires ...

6.5CVSS8AI score0.01238EPSS
Exploits5References5Affected Software1
securityvulns
securityvulns
added 2013/10/03 12:0 a.m.120 views

SQL Injection in vtiger CRM

Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...

6.5CVSS0.01238EPSS
Exploits5
Exploit DB
Exploit DB
added 2013/09/20 12:0 a.m.64 views

vTiger CRM 5.4.0 - 'index.php?onlyforuser' SQL Injection

Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...

6.5CVSS6.6AI score0.01238EPSS
Exploits5
exploitpack
exploitpack
added 2013/09/20 12:0 a.m.107 views

vTiger CRM 5.4.0 - index.php?onlyforuser SQL Injection

vTiger CRM 5.4.0 - index.php?onlyforuser SQL Injection Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013...

6.5CVSS0.2AI score0.01238EPSS
Exploits5
0day.today
0day.today
added 2013/09/19 12:0 a.m.86 views

vtiger CRM 5.4.0 SQL Injection Vulnerability

vtiger CRM version 5.4.0 suffers from a remote SQL injection vulnerability. Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013 Vulnerabili...

8.1AI score0.01238EPSS
Exploits5
Packet Storm
Packet Storm
added 2013/09/18 12:0 a.m.66 views

vtiger CRM 5.4.0 SQL Injection

Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...

6.5CVSS0.5AI score0.01238EPSS
Exploits5
Rows per page
Query Builder