ID
VAR-201110-0485
TITLE
vTiger CRM arbitrary SQL injection vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2011-4202
DESCRIPTION
Vtiger CRM is a web-based open source customer relationship management system. Vtiger CRM has a vulnerability in handling the filtering of multiple parameters that can be exploited by malicious users to execute arbitrary script code in the victim's browser via a specially crafted URL. vtiger CRM A vulnerability exists in the processing of multiple parameter filtering
Trust: 0.72
sources:
CNVD: CNVD-2011-4202 //
IVD: 706b477e-1f84-11e6-abef-000c29c66e3d
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.8 |
sources:
IVD: 706b477e-1f84-11e6-abef-000c29c66e3d //
CNVD: CNVD-2011-4202
AFFECTED PRODUCTS
| vendor: | vtiger | model: | crm | scope: | lte | version: | <=5.2.x | Trust: 0.8 |
sources:
IVD: 706b477e-1f84-11e6-abef-000c29c66e3d //
CNVD: CNVD-2011-4202
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
IVD: 706b477e-1f84-11e6-abef-000c29c66e3d
TYPE
SQL injection
Trust: 0.2
sources:
IVD: 706b477e-1f84-11e6-abef-000c29c66e3d
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2011-4202 | Trust: 0.8 |
| db: | IVD | id: | 706B477E-1F84-11E6-ABEF-000C29C66E3D | Trust: 0.2 |
sources:
IVD: 706b477e-1f84-11e6-abef-000c29c66e3d //
CNVD: CNVD-2011-4202
REFERENCES
| url: | http://seclists.org/bugtraq/2011/oct/19 | Trust: 0.6 |
sources:
CNVD: CNVD-2011-4202
SOURCES
| db: | IVD | id: | 706b477e-1f84-11e6-abef-000c29c66e3d |
| db: | CNVD | id: | CNVD-2011-4202 |
LAST UPDATE DATE
2022-05-17T02:09:58.245000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-4202 | date: | 2011-10-14T00:00:00 |
SOURCES RELEASE DATE
| db: | IVD | id: | 706b477e-1f84-11e6-abef-000c29c66e3d | date: | 2011-10-14T00:00:00 |
| db: | CNVD | id: | CNVD-2011-4202 | date: | 2011-10-14T00:00:00 |