QwikSec

Security Database

CVE

CWE

Training

CVE-2019-5009

Published: Jan 4, 2019

Modified: Sep 16, 2024

PUBLISHED

Description

Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using "<? ?>" tags, as demonstrated by a CompanyDetailsSave action. This bypasses the bad-file-extensions protection mechanism. It is related to actions/CompanyDetailsSave.php, actions/UpdateCompanyLogo.php, and models/CompanyDetails.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://lists.vtigercrm.com/pipermail/vtigercrm-developers/2019-January/037852.html

x_refsource_MISC

https://pentest.com.tr/exploits/Vtiger-CRM-7-1-0-Remote-Code-Execution.html

x_refsource_MISC

exploit

x_refsource_EXPLOIT-DB

http://code.vtiger.com/vtiger/vtigercrm/commit/52fc2fb520ddc55949c2fbedaabd61ddd0109375

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.