Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPassword parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Vtiger CRM 输入验证漏洞
Vulnerability Description
Vtiger CRM是美国Vtiger公司的一套基于SugarCRM开发的客户关系管理系统(CRM)。该管理系统提供管理、收集、分析客户信息等功能。 Vtiger CRM6.0版本的modules/Users/ForgotPassword.php文件存在安全漏洞。远程攻击者可通过发送包含‘username’、‘password’及‘confirmPassword’参数的请求利用该漏洞重置任意用户的密码。
CVSS Information
N/A
Vulnerability Type
N/A