Vtiger CRM 5.2.0: Multiple Vulnerabilities

Users of Vtiger CRM 5.2.0 please be advised of Multiple Vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

vtiger-SA-11/17/2010: Vtiger CRM 5.2.0 Multiple Vulnerabilities
DESCRIPTION

Multiple Vulnerabilities exist in Vtiger CRM software.

Summary:

A) Remote Code Execution (RCE) Vulnerability
B) Local File Inclusion (LFI) Vulnerability (pre-auth)
C) Cross Site Scripting (XSS) Vulnerabilities (pre-auth, reflected)
D) Cross Site Scripting (XSS) Vulnerabilities (post-auth, reflected)Read more at http://www.criticalwatch.com

 

Advertisements