CVE-2007-3604
N/A
N/A
Summary
vtiger CRM before 5.0.3 allows remote authenticated users with access to the Analytics DashBoard menu to bypass data restrictions and read the pipeline of the entire organization, possibly involving modules/Potentials/Potentials.php.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/3196
- http://forums.vtiger.com/viewtopic.php?p=44717
- http://trac.vtiger.com/cgi-bin/trac.cgi/report/9
- http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/10423
- http://osvdb.org/45783
References
- http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/3196
- http://forums.vtiger.com/viewtopic.php?p=44717
- http://trac.vtiger.com/cgi-bin/trac.cgi/report/9
- http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/10423
- http://osvdb.org/45783
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.