CVE-2013-7249
CVE-2013-7249 affects Fat Free CRM prior to 0.12.1. The issue is an XML serialization restriction flaw that allows remote attackers to obtain sensitive information via a direct request (e.g., /users/1.xml). This is explicitly described as a separate vulnerability from CVE-2013-7224. The available...