Описание
The Users module in vTiger CRM 4.2 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary file in the templatename parameter, which is passed to the eval function.
The Users module in vTiger CRM 4.2 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary file in the templatename parameter, which is passed to the eval function.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-3823
- http://marc.info/?l=full-disclosure&m=113290708121951&w=2
- http://secunia.com/advisories/17693
- http://securitytracker.com/id?1015274
- http://www.securityfocus.com/archive/1/417711/30/0/threaded
- http://www.securityfocus.com/bid/15569
- http://www.vupen.com/english/advisories/2005/2569
EPSS
Процентиль: 79%
0.012
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
The Users module in vTiger CRM 4.2 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary file in the templatename parameter, which is passed to the eval function.
EPSS
Процентиль: 79%
0.012
Низкий