6 matches found
CVE-2013-5091
The CVE affects vtiger CRM (CalendarCommon.php) where SQL injection is possible via the onlyforuser parameter passed to index.php. Affected: vtiger CRM 5.4.0 and likely earlier. Root cause: insufficient validation of the onlyforuser input leading to arbitrary SQL execution; exploitation requires ...
SQL Injection in vtiger CRM
Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...
vTiger CRM 5.4.0 - 'index.php?onlyforuser' SQL Injection
Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...
vTiger CRM 5.4.0 - index.php?onlyforuser SQL Injection
vTiger CRM 5.4.0 - index.php?onlyforuser SQL Injection Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013...
vtiger CRM 5.4.0 SQL Injection Vulnerability
vtiger CRM version 5.4.0 suffers from a remote SQL injection vulnerability. Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013 Vulnerabili...
vtiger CRM 5.4.0 SQL Injection
Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...