7 matches found
Path Traversal
yetiforce/yetiforce-crm is vulnerable of Path Traversal. The vulnerability is caused due to not sanitizing and validating the file path used to load/retrieve file contents in the file LibraryLicense.php. A remote authenticated attacker can exploit this to obtain sensitive information via the...
YetiForceCRM Directory Traversal vulnerability
Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component...
CVE-2023-49508
Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component...
CVE-2023-49508
Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component...
Directory traversal
Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component...
YetiForceCrm Security Vulnerability
YetiForceCrm is an open source Crm system from the Polish company YetiForce. A security vulnerability exists in YetiForce YetiForceCRM 6.4.0 and earlier versions, which originates from a vulnerability that allows an authenticated, remote attacker to obtain sensitive information via the license...
CVE-2023-49508
Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component...