Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in test/logo/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Vtiger CRM 代码问题漏洞
Vulnerability Description
Vtiger CRM是美国Vtiger公司的一套基于SugarCRM开发的客户关系管理系统(CRM)。该管理系统提供管理、收集、分析客户信息等功能。 Vtiger CRM 6.3.0及之前版本中的modules/Settings/Vtiger/actions/CompanyDetailsSave.php文件的‘Settings_Vtiger_CompanyDetailsSave_Action’类存在代码问题漏洞。远程攻击者可借助特制文件利用该漏洞在系统上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A