|
Description
|
|
Multiple vulnerabilities were identified in vTiger CRM, which could be exploited by remote attackers to execute arbitrary commands, gain knowledge of sensitive information, or conduct cross site scripting and SQL injection attacks.
The first issue is due to input validation errors in various scripts and modules when processing specially crafted parameters, which could be exploited by malicious users to conduct cross site scripting attacks.
The second vulnerability is due to an input validation error in the RSS aggregation module that does not properly handle malicious feeds, which may be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site.
The third flaw is due to an input validation error in the authentication procedure when processing a malformed "user_name" parameter, which may be exploited by remote attackers to gain unauthorized access to the administration interface via SQL injection attacks.
The fourth issue is due to an input validation error when processing specially crafted "date" and "record" parameters, which may be exploited by remote attackers to disclose sensitive information (e.g. usernames and passwords) via SQL injection attacks.
The fifth flaw is due to an error when processing specially crafted "action" and "module" parameters, which may be exploited by remote attackers to disclose the contents of arbitrary files.
The sixth vulnerability is due to an error in the logging funtion that does not properly validate user-supplied data, which could be exploited by remote attackers to inject and execute malicious PHP commands via the "vtigercrm.log" file.
The seventh issue is due to an error when processing the "name" field during the registration process, which may be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser.
The eighth flaw is due to an error in the "Users" module that does not properly validate the "templatename" parameter, which could be exploited by attackers to execute arbitrary PHP commands.
The ninth vulnerability resides in the "uploads" module that does not properly validate uploaded files, which could be exploited by attackers to upload and execute malicious PHP scripts.
|
