CVE-2013-3212

Опубликовано: 28 янв. 2020

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Средний

Описание

vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code.

Ссылки

http://www.exploit-db.com/exploits/27279
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/61560
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/86162
Third Party Advisory
VDB Entry
http://www.exploit-db.com/exploits/27279
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/61560
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/86162
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vtiger:vtiger_crm:*:*:*:*:*:*:*:*

Версия до 5.4.0 (включая)

EPSS

Процентиль: 96%

0.23052

Средний

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-xw9v-5wrh-424g

github

больше 3 лет назад