Vtiger CRM 5.2.0 Multiple Vulnerabilities @ Ush.it

Posted on December 04, 2010 in Research • Tagged with vtiger • 4 min read

With the Ush.it team we published an advisory about “Vtiger CRM 5.2.0 Multiple Vulnerabilities”. The original is here and you can download it here.

Vtiger CRM 5.2.0 Multiple Vulnerabilities

Name              Multiple Vulnerabilities in Vtiger CRM
Systems Affected  Vtiger CRM 5.2.0 and possibly earlier versions
Severity          Medium
Impact (CVSSv2)   Medium 9/10, vector: (AV:N/AC:L/Au:N/C:P/I:P/A:C)
Vendor            http://www.vtigercrm.com
Advisory          http://www.ush.it/team/ush/hack-vtigercrm_520/vtigercrm_520.txt
Authors           Giovanni "evilaliv3" Pellerano (evilaliv3 AT ush DOT it)
                  Alessandro "jekil" Tanasi (alessandro AT …

Continue reading