Description
Two vulnerabilities have been discovered in Elastix, which can be exploited by malicious people to compromise a vulnerable system.
Input passed to the "module" and "action" parameters in vtigercrm/graph.php is not properly verified before being used to include files. This can be exploited to include arbitrary files and execute arbitrary PHP code by e.g. including a previously uploaded file with ".txt" extension containing PHP code via directory traversal sequences and URL-encoded NULL bytes.
This may be related to vulnerability #2 in SA46807.
This vulnerability is confirmed in version 2.3. Prior versions may also be affected.
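The following detection sketch is an added example, not part of the original advisory or of Elastix: it scans web-server access logs for requests to vtigercrm/graph.php whose "module" or "action" value decodes to a directory traversal sequence or a NULL byte. The combined log format, the function names and the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Script and parameters named in the advisory.
TARGET_SUFFIX = "/vtigercrm/graph.php"
WATCHED_PARAMS = {"module", "action"}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
TRAVERSAL_RE = re.compile(r"(^|[\\/])\.\.([\\/]|$)")

# Constructed access-log lines (placeholder values, not from a real system).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2012:10:00:00 +0000] "GET /vtigercrm/graph.php?module=Accounts&action=ListView HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2012:10:00:05 +0000] "GET /vtigercrm/graph.php?module=..%2F..%2Fexample%00&action=x HTTP/1.1" 200 90',
    '192.0.2.12 - - [01/Jan/2012:10:00:09 +0000] "GET /vtigercrm/graph.php?module=Home&action=%252e%252e%255cexample HTTP/1.1" 200 90',
]


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_params(request_target):
    """Return watched parameter names whose value has traversal or a NUL byte."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith(TARGET_SUFFIX):
        return []
    hits = set()
    for pair in parts.query.split("&"):
        name, _, raw = pair.partition("=")
        name, value = unquote(name).lower(), decode_fully(raw)
        if name in WATCHED_PARAMS and ("\x00" in value or TRAVERSAL_RE.search(value)):
            hits.add(name)
    return sorted(hits)


def scan(log_lines):
    """Return (line_number, parameter_names) for every flagged log line."""
    findings = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if match and (params := suspicious_params(match.group(1))):
            findings.append((number, params))
    return findings
```

Parameters sent in a POST body do not appear in access logs, so this covers query-string requests only.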