CVE-2013-3214 PoC — Vtiger CRM 注入漏洞

Source

https://github.com/shadofren/CVE-2013-3214

Associated Vulnerability

Title:Vtiger CRM 注入漏洞 (CVE-2013-3214)
Description:Vtiger CRM是美国Vtiger公司的一套基于SugarCRM开发的客户关系管理系统（CRM）。该管理系统提供管理、收集、分析客户信息等功能。 vtiger CRM 5.4.0及之前版本中的vtigerolservice.php文件存在注入漏洞，该漏洞源于程序未正确验证文件扩展名。远程攻击者可利用该漏洞上传并执行恶意的PHP代码。

Description

CVE-2013-3214

Readme

# CVE-2013-3214
vTiger 5.4.0 Arbitrary File Upload to Remote Code Execution

File Snapshot


 [4.0K]  /data/pocs/924c788aedcac934f295fb0578b39caee9fd42a9
├── [1.5K]  CVE-2013-3214.py
└── [  76]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!