4 matches found
Multiple vulnerabilities in EspoCRM
Advisory ID: HTB23238 Product: EspoCRM Vendor: http://www.espocrm.com Vulnerable Versions: 2.5.2 and probably prior Tested Version: 2.5.2 Advisory Publication: October 8, 2014 without technical details Vendor Notification: October 8, 2014 Vendor Patch: October 10, 2014 Public Disclosure: October...
CVE-2014-7986
EspoCRM prior to 2.6.0 is affected by multiple issues via /install/index.php: CVE-2014-7986 allows remote reinstallation by setting installProcess=1 due to improper access control; CVE-2014-7985 enables PHP file inclusion via action parameter leading to potential code execution; CVE-2014-7987 ena...
EspoCRM 2.5.2 XSS / LFI / Access Control Vulnerabilities
EspoCRM version 2.5.2 suffers from cross site scripting, local file inclusion, and improper access control vulnerabilities. Product: EspoCRM Vendor: http://www.espocrm.com Vulnerable Versions: 2.5.2 and probably prior Tested Version: 2.5.2 Advisory Publication: October 8, 2014 without technical...
EspoCRM 2.5.2 XSS / LFI / Access Control
Advisory ID: HTB23238 Product: EspoCRM Vendor: http://www.espocrm.com Vulnerable Versions: 2.5.2 and probably prior Tested Version: 2.5.2 Advisory Publication: October 8, 2014 without technical details Vendor Notification: October 8, 2014 Vendor Patch: October 10, 2014 Public Disclosure: October...