vTigerCRM 5.3.0 5.4.0 - Authenticated Remote Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...

Elastix 2.4.0 Cross Site Scripting

Exploit Title: Elastix 2.4.0 Multiple XSS Date: 17 Nov 2013 Author: Bassem - Unshield Team Contact: Securityatunshielddotnet Software Link: http://www.elastix.org/ Version: 2.4.0 , works for same libs exist also on Elastix 3.0.0 Alpha Tested on: 2.4.0...

vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution

vTiger CRM allows an authenticated user to upload files to embed within documents. Due to insufficient privileges on the 'files' upload folder, an attacker can upload a PHP script and execute arbitrary PHP code remotely. This Metasploit module was tested against vTiger CRM v5.4.0 and v5.3.0. This...

vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution

vTiger CRM allows an authenticated user to upload files to embed within documents. Due to insufficient privileges on the 'files' upload folder, an attacker can upload a PHP script and execute arbitrary PHP code remotely. This module was tested against vTiger CRM v5.4.0 and v5.3.0. This module...

Elastix 2.2.0 LFI Exploit

Exploit for php platform in category web applications !/usr/bin/perl -w ------------------------------------------------------------------------------------ Elastix is an Open Source Sofware to establish Unified Communications. About this concept, Elastix goal is to incorporate all the...

Local file inclusion in VtigerCRM

Vulnerability ID: HTB23054 Reference: https://www.htbridge.ch/advisory/localfileinclusioninvtigercrm.html Product: VtigerCRM Vendor: vtiger.com http://www.vtiger.com Vulnerable Version: 5.2.1 and probably prior Tested Version: 5.2.1 Vendor Notification: 19 October 2011 Vulnerability Type: Local...

VtigerCRM 5.2.1 Local File Inclusion

Vulnerability ID: HTB23054 Reference: https://www.htbridge.ch/advisory/localfileinclusioninvtigercrm.html Product: VtigerCRM Vendor: vtiger.com http://www.vtiger.com Vulnerable Version: 5.2.1 and probably prior Tested Version: 5.2.1 Vendor Notification: 19 October 2011 Vulnerability Type: Local...

vtigercrm-xss.txt

Multiple Cross Site Scripting XSS Vulnerabilities in vtigerCRM 5.0.4, CVE-2008-3101 References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3101 http://www.vtiger.de/ Description vtigerCRM is a Open Source Customer Relationship Managemen...

Multiple Cross Site Scripting (XSS) Vulnerabilities in vtigerCRM 5.0.4, CVE-2008-3101

Multiple Cross Site Scripting XSS Vulnerabilities in vtigerCRM 5.0.4, CVE-2008-3101 References https://vulners.com/cve/CVE-2008-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3101 http://www.vtiger.de/ Description vtigerCRM is a Open Source Customer Relationship Management CRM Software. The...