CVE-2007-3603
N/A
N/A
Summary
SQL injection vulnerability in the dashboard (include/utils/SearchUtils.php) in vtiger CRM before 5.0.3 allows remote authenticated users to execute arbitrary SQL commands via the assigned_user_id parameter in a Potentials ListView action to index.php.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/3196
- http://forums.vtiger.com/viewtopic.php?p=44717
- http://trac.vtiger.com/cgi-bin/trac.cgi/report/9
- http://osvdb.org/45782
- http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/10423
References
- http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/3196
- http://forums.vtiger.com/viewtopic.php?p=44717
- http://trac.vtiger.com/cgi-bin/trac.cgi/report/9
- http://osvdb.org/45782
- http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/10423
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.