CVE-2019-5009

by Fred · 04/01/2019

Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150×40. One can put PHP code into the image; PHP code can be executed using "" tags, as demonstrated by a CompanyDetailsSave action. This bypasses the bad-file-extensions protection mechanism. It is related to actions/CompanyDetailsSave.php, actions/UpdateCompanyLogo.php, and models/CompanyDetails.php.

Date published : 2019-01-04

https://www.exploit-db.com/exploits/46065

http://code.vtiger.com/vtiger/vtigercrm/commit/52fc2fb520ddc55949c2fbedaabd61ddd0109375

CVE-2019-5009

Similar

Recent Posts

Categories

CVE-2019-5009

Share this:

Similar

Recent Posts

Categories

Tags