Описание
SQL injection vulnerability in Vtiger CRM before 7.1.0 hotfix3 allows authenticated users to execute arbitrary SQL commands.
SQL injection vulnerability in Vtiger CRM before 7.1.0 hotfix3 allows authenticated users to execute arbitrary SQL commands.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-11057
- https://cybersecurityworks.com/zerodays/cve-2019-11057-vtiger.html
- https://medium.com/%40mohnishdhage/sql-injection-vtiger-crm-v7-1-0-cve-2019-11057-245f84fc5c2c
- https://medium.com/@mohnishdhage/sql-injection-vtiger-crm-v7-1-0-cve-2019-11057-245f84fc5c2c
- http://lists.vtigercrm.com/pipermail/vtigercrm-developers/2019-April/037964.html
Связанные уязвимости
CVSS3: 8.8
nvd
больше 6 лет назад
SQL injection vulnerability in Vtiger CRM before 7.1.0 hotfix3 allows authenticated users to execute arbitrary SQL commands.