Main Vulnerability Database Exploits ID:3750 - Exploit for Arbitrary file upload in Vtiger CRM - CVE-2013-3591

ID:3750 - Exploit for Arbitrary file upload in Vtiger CRM - CVE-2013-3591

Published: August 9, 2020

Vulnerability identifier: #VU34834

Vulnerability risk: High

CVE-ID: CVE-2013-3591

CWE-ID: CWE-434

Exploitation vector: Remote access

Vulnerable software:
Vtiger CRM

Link to public exploit:

The vulnerability allows a remote authenticated user to execute arbitrary code.

vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability

Install update from vendor's website.