5 matches found
Symantec Advanced Secure Gateway (ASG) ProxySG - Unrestricted File Upload
Symantec Advanced Secure Gateway ASG ProxySG - Unrestricted File Upload ===========Security Intelligence============ Vendor Homepage: adobe.com Version: 2018 Tested on: Adobe ColdFusion 2018 Exploit Author: Pankaj Kumar Thakur Nepal ==========Table of Contents============== Overview Detailed...
Vtiger CRM 6.3.0 Authenticated Logo Upload Remote Command Execution Exploit
Vtiger version 6.3.0 CRM's administration interface allows for the upload of a company logo. Instead of uploading an image, an attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against vTiger CRM versi...
CVE-2016-1713
creationtimestamp| type| source ---|---|--- 2018-07-30 17:42:41+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/vtigerlogouploadexec.rb 2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:46+00:00| seen|...
Vtiger CRM - Authenticated Logo Upload RCE
Vtiger 6.3.0 CRM's administration interface allows for the upload of a company logo. Instead of uploading an image, an attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This module was tested against vTiger CRM v6.3.0. This module...
CVE-2016-1713
CVE-2016-1713 concerns Vtiger CRM 6.4.0 where an unrestricted file upload in Settings_Vtiger_CompanyDetailsSave_Action (modules/Settings/Vtiger/actions/CompanyDetailsSave.php) lets a remote authenticated user upload a crafted image with an executable extension and access it via test/logo/ to exec...