CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-4867

Directory traversal vulnerability in modules/com_vtiger_workflow/sortfieldsjson.php in vtiger CRM 5.1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the module_name parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.047

EPSS Ranking 88.9%

CVSS Severity

CVSS v2 Score 5.0

References

http://packetstormsecurity.org/files/111075/Vtiger-5.1.0-Local-File-Inclusion.html
http://www.exploit-db.com/exploits/18635
http://packetstormsecurity.org/files/111075/Vtiger-5.1.0-Local-File-Inclusion.html
http://www.exploit-db.com/exploits/18635

Products affected by CVE-2012-4867

Vtiger » Vtiger Crm » Version: 5.1.0

cpe:2.3:a:vtiger:vtiger_crm:5.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-4867

Products

Pricing

Contact Us