var-201404-0102
Vulnerability from variot

Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 through 5.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) picklist_name parameter in the get_picklists method to soap/customerportal.php, (2) where parameter in the get_tickets_list method to soap/customerportal.php, or (3) emailaddress parameter in the SearchContactsByEmail method to soap/vtigerolservice.php; or remote authenticated users to execute arbitrary SQL commands via the (4) emailaddress parameter in the SearchContactsByEmail method to soap/thunderbirdplugin.php.

Vtiger CRM contains SQL injection vulnerabilities. Through the following parameters, an arbitrary third party may execute SQL commands: (4) the emailaddress parameter of the SearchContactsByEmail method in soap/thunderbirdplugin.php.

vtiger CRM is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. vtiger CRM versions 5.0.0 through 5.4.0 are vulnerable.

Vtiger CRM is a customer relationship management (CRM) system based on SugarCRM, developed by the US company Vtiger. It provides functions such as the management, collection, and analysis of customer information. The vulnerabilities arise because the soap/customerportal.php script does not correctly filter the 'picklist_name' parameter in the get_picklists method or the 'where' parameter in the get_tickets_list method; the soap/vtigerolservice.php script does not correctly filter the 'emailaddress' parameter in the SearchContactsByEmail method; and the soap/thunderbirdplugin.php script does not correctly filter the 'emailaddress' parameter in the SearchContactsByEmail method.

[-] Vulnerability Description:

1) The vulnerable code is located in the get_picklists SOAP method defined in /soap/customerportal.php:

  1177.   $id = $input_array['id'];
  1178.   $sessionid = $input_array['sessionid'];
  1179.   $picklist_name = $adb->sql_escape_string($input_array['picklist_name']);
  1180.
  1181.   if(!validateSession($id,$sessionid))
  1182.   return null;
  1183.
  1184.   $picklist_array = Array();
  1185.
  1186.   $admin_role = 'H2';
  1187.   $userid = getPortalUserid();
  1188.   $roleres = $adb->pquery("SELECT roleid from vtiger_user2role where userid = ?", array($userid));
  1189.   $RowCount = $adb->num_rows($roleres);
  1190.   if($RowCount > 0){
  1191.       $admin_role = $adb->query_result($roleres,0,'roleid');
  1192.   }
  1193.
  1194.   $res = $adb->pquery("select vtiger_". $picklist_name.".* from vtiger_". $picklist_name." inner join [...]

User input passed through the "picklist_name" parameter seems to be correctly sanitised by the sql_escape_string() method, but the vulnerability exists because it's used in the query at line 1194 without single or double quotes. This can be exploited to conduct blind SQL injection attacks.

2) The vulnerable code is located in the get_tickets_list SOAP method defined in /soap/customerportal.php:

  654.   $id = $input_array['id'];
  655.   $only_mine = $input_array['onlymine'];
  656.   $where = $input_array['where']; //addslashes is already added with where condition fields in portal itself
  657.   $match = $input_array['match'];
  658.   $sessionid = $input_array['sessionid'];
  659.
  660.   if(!validateSession($id,$sessionid))
  661.       return null;
  662.
  663.   // Prepare where conditions based on search query
  664.   $join_type = '';
  665.   $where_conditions = '';
  666.   if(trim($where) != '') {
  667.       if($match == 'all' || $match == '') {
  668.           $join_type = " AND ";
  669.       } elseif($match == 'any') {
  670.           $join_type = " OR ";
  671.       }
  672.       $where = explode("&&&",$where);
  673.       $where_conditions = implode($join_type, $where);

[...]

  707.   $query = "SELECT vtiger_troubletickets.*, vtiger_crmentity.smownerid,vtiger_crmentity.createdtime, [...]
  708.       FROM vtiger_troubletickets
  709.       INNER JOIN vtiger_crmentity ON vtiger_crmentity.crmid = vtiger_troubletickets.ticketid AND [...]
  710.       WHERE vtiger_troubletickets.parent_id IN (". generateQuestionMarks($entity_ids_list) .")";
  711.   // Add conditions if there are any search parameters
  712.   if ($join_type != '' && $where_conditions != '') {
  713.       $query .= " AND (".$where_conditions.")";
  714.   }

User input passed through the "where" parameter isn't properly validated before being used in a SQL query at line 713. This can be exploited to conduct SQL injection attacks.
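The following is an added example, not code from the advisory or the vTiger project, showing what a hardened form of patterns 1) and 2) looks like: the picklist identifier is matched against an allow-list instead of being escaped, and ticket search conditions are built from structured field/value pairs bound through ? placeholders (as the pquery() call at line 1188 already does for userid) rather than from a raw where string. The helper names, the picklist names and the field map are assumptions; the same binding discipline applies to the emailaddress parameter in 3) and 4).

```php
<?php
declare(strict_types=1);

// Added example, not vTiger project code. validate_picklist_name() and
// build_ticket_conditions() are hypothetical helpers; the picklist names and the
// field map below are constructed sample data.

/**
 * Pattern 1 (get_picklists): picklist_name is spliced into the query as a table
 * name, i.e. an SQL identifier. Quote-escaping is irrelevant for an unquoted
 * identifier, so the value must be matched exactly against an allow-list.
 */
function validate_picklist_name(string $name, array $known): string
{
    if (!in_array($name, $known, true)) {
        throw new InvalidArgumentException("Unknown picklist: $name");
    }
    return $name;
}

/**
 * Pattern 2 (get_tickets_list): instead of accepting a raw "where" string and
 * splitting it on "&&&", accept structured (field, value) pairs. The field is
 * mapped through an allow-list to a real column and the value becomes a bound
 * parameter, so client input never reaches the SQL text. The "match" flag only
 * selects the join keyword. Returns [sql_fragment, params], ready for a
 * placeholder-based query API such as $adb->pquery().
 */
function build_ticket_conditions(array $conditions, string $match, array $allowed_fields): array
{
    $join = ($match === 'any') ? ' OR ' : ' AND ';   // 'all' and '' mean AND
    $parts = [];
    $params = [];
    foreach ($conditions as $cond) {
        $field = (string) ($cond['field'] ?? '');
        if (!array_key_exists($field, $allowed_fields)) {
            throw new InvalidArgumentException("Unknown search field: $field");
        }
        $parts[] = $allowed_fields[$field] . ' LIKE ?';
        $params[] = '%' . (string) ($cond['value'] ?? '') . '%';
    }
    if ($parts === []) {
        return ['', []];
    }
    return [' AND (' . implode($join, $parts) . ')', $params];
}

function check(bool $ok, string $what): void
{
    if (!$ok) {
        fwrite(STDERR, "FAILED: $what\n");
        exit(1);
    }
}

// --- self-check on constructed inputs ---------------------------------------
$known_picklists = ['ticketstatus', 'ticketpriorities', 'ticketseverities'];
$allowed_fields = [
    'title'  => 'vtiger_troubletickets.title',
    'status' => 'vtiger_troubletickets.status',
];

check(validate_picklist_name('ticketstatus', $known_picklists) === 'ticketstatus',
      'known picklist accepted');

// Anything that is not exactly a known identifier is rejected before any SQL is built.
$rejected = false;
try {
    validate_picklist_name('ticketstatus x', $known_picklists);   // constructed bad value
} catch (InvalidArgumentException $e) {
    $rejected = true;
}
check($rejected, 'unknown picklist rejected');

// Quote and comment characters in a value stay inside a bound parameter, not in the query text.
[$sql, $params] = build_ticket_conditions(
    [['field' => 'title', 'value' => "O'Neil; -- "], ['field' => 'status', 'value' => 'Open']],
    'all',
    $allowed_fields
);
check($sql === ' AND (vtiger_troubletickets.title LIKE ? AND vtiger_troubletickets.status LIKE ?)',
      'conditions use placeholders only');
check($params === ["%O'Neil; -- %", '%Open%'], 'values are bound, not spliced');

// An unknown field name (the old injection point) is rejected as well.
$rejected = false;
try {
    build_ticket_conditions([['field' => 'title) OR (1=1', 'value' => '']], 'any', $allowed_fields);
} catch (InvalidArgumentException $e) {
    $rejected = true;
}
check($rejected, 'unknown field rejected');

echo "all checks passed\n";
```

Run with `php hardened_soap_queries.php`; every check must pass, and the returned fragment and parameter list are what would be handed to pquery() in place of the concatenated $where_conditions.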

3) The vulnerable code is located in the SearchContactsByEmail SOAP method defined in /soap/thunderbirdplugin.php:

  186.   function SearchContactsByEmail($username,$password,$emailaddress)
  187.   {
  188.     if(authentication($username,$password))
  189.     {
  190.        require_once('modules/Contacts/Contacts.php');
  191.
  192.        $seed_contact = new Contacts();
  193.        $output_list = Array();
  194.
  195.        $response = $seed_contact->get_searchbyemailid($username,$emailaddress);

User input passed through the "emailaddress" parameter isn't properly validated before being used in a call to the Contacts::get_searchbyemailid() method at line 195. This can be exploited to conduct SQL injection attacks. Successful exploitation of this vulnerability requires authentication.

4) The vulnerable code is located in the SearchContactsByEmail SOAP method defined in /soap/vtigerolservice.php:

  282.   function SearchContactsByEmail($username,$session,$emailaddress)
  283.   {
  284.       if(!validateSession($username,$session))
  285.       return null;
  286.       require_once('modules/Contacts/Contacts.php');
  287.
  288.        $seed_contact = new Contacts();
  289.        $output_list = Array();
  290.
  291.        $response = $seed_contact->get_searchbyemailid($username,$emailaddress);

User input passed through the "emailaddress" parameter isn't properly validated before being used in a call to the Contacts::get_searchbyemailid() method at line 291. This can be exploited to conduct SQL injection attacks. Successful exploitation of this vulnerability requires knowledge of a valid username.

[-] Solution:

Apply the vendor patch: http://www.vtiger.com/blogs/?p=1467

[-] Disclosure Timeline:

[13/01/2013] - Vendor notified
[06/02/2013] - Vendor asked feedback about http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/13848
[05/03/2013] - Feedback provided to the vendor
[26/03/2013] - Vendor patch released
[18/04/2013] - CVE number requested
[20/04/2013] - CVE number assigned
[01/08/2013] - Public disclosure

[-] CVE Reference:

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3213 to these vulnerabilities.

[-] Credits:

Vulnerabilities discovered by Egidio Romano.

[-] Original Advisory:

http://karmainsecurity.com/KIS-2013-06



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201404-0102",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "crm",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vtiger",
        "version": "5.2.1"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vtiger",
        "version": "5.0.4"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vtiger",
        "version": "5.4.0"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vtiger",
        "version": "5.1.0"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vtiger",
        "version": "5.3.0"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vtiger",
        "version": "5.0.0"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vtiger",
        "version": "5.0.1"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vtiger",
        "version": "5.2.0"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vtiger",
        "version": "5.0.3"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vtiger",
        "version": "5.0.2"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vtiger",
        "version": "5.0.0 to  5.4.0"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vtiger",
        "version": "5.3"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vtiger",
        "version": "5.2"
      },
      {
        "model": "crm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vtiger",
        "version": "5.1"
      },
      {
        "model": "crm rc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vtiger",
        "version": "5.0.4"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "61563"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3213"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:vtiger:vtiger_crm",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Egidio Romano",
    "sources": [
      {
        "db": "BID",
        "id": "61563"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-3213",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2013-3213",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-63215",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-3213",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-3213",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201308-014",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-63215",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63215"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3213"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 through 5.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) picklist_name parameter in the get_picklists method to soap/customerportal.php, (2) where parameter in the get_tickets_list method to soap/customerportal.php, or (3) emailaddress parameter in the SearchContactsByEmail method to soap/vtigerolservice.php; or remote authenticated users to execute arbitrary SQL commands via the (4) emailaddress parameter in the SearchContactsByEmail method to soap/thunderbirdplugin.php. Vtiger CRM Is SQL An injection vulnerability exists.By any third party, via the following parameters SQL The command may be executed. (4) soap/thunderbirdplugin.php of SearchContactsByEmail In the method emailaddress Parameters. vtiger CRM is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. \nExploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nvtiger CRM 5.0.0 through versions 5.4.0 are vulnerable. Vtiger CRM is a customer relationship management system (CRM) based on SugarCRM developed by American Vtiger Company. The management system provides functions such as management, collection, and analysis of customer information. The vulnerability comes from the fact that the soap/customerportal.php script does not correctly filter the \u0027picklist_name\u0027 parameter in the get_picklists method; the soap/customerportal.php script does not correctly filter the get_tickets_list method The \u0027where\u0027 parameter; the soap/vtigerolservice.php script does not correctly filter the \u0027emailaddress\u0027 parameter in the SearchContactsByEmail method; the soap/thunderbirdplugin.php script does not correctly filter the \u0027emailaddress\u0027 parameter in the SearchContactsByEmail method. 
\n\n\n[-] Vulnerability Description:\n\n1) The vulnerable code is located in the get_picklists SOAP method defined in /soap/customerportal.php:\n\n1177. \t$id = $input_array[\u0027id\u0027];\n1178. \t$sessionid = $input_array[\u0027sessionid\u0027];\n1179. \t$picklist_name = $adb-\u003esql_escape_string($input_array[\u0027picklist_name\u0027]);\n1180. \n1181. \tif(!validateSession($id,$sessionid))\n1182. \treturn null;\n1183. \n1184. \t$picklist_array = Array();\n1185. \n1186. \t$admin_role = \u0027H2\u0027;\n1187. \t$userid = getPortalUserid();\n1188. \t$roleres = $adb-\u003epquery(\"SELECT roleid from vtiger_user2role where userid = ?\", array($userid));\n1189. \t$RowCount = $adb-\u003enum_rows($roleres);\n1190. \tif($RowCount \u003e 0){\n1191. \t\t$admin_role = $adb-\u003equery_result($roleres,0,\u0027roleid\u0027);\n1192. \t}\n1193. \n1194. \t$res = $adb-\u003epquery(\"select vtiger_\". $picklist_name.\".* from vtiger_\". $picklist_name.\" inner join [...]\n\nUser input passed through the \"picklist_name\" parameter seems to be correctly sanitised by the\nsql_escape_string() method, but the vulnerability exists because it\u0027s used in the query at line 1194\nwithout single or double quotes. This can be exploited to conduct blind SQL injection attacks. \n\n2) The vulnerable code is located in the get_tickets_list SOAP method defined in /soap/customerportal.php:\n\n654. \t$id = $input_array[\u0027id\u0027];\n655. \t$only_mine = $input_array[\u0027onlymine\u0027];\n656. \t$where = $input_array[\u0027where\u0027]; //addslashes is already added with where condition fields in portal itself\n657. \t$match = $input_array[\u0027match\u0027];\n658. \t$sessionid = $input_array[\u0027sessionid\u0027];\n659. \n660. \tif(!validateSession($id,$sessionid))\n661. \t\treturn null;\n662. \n663. \t// Prepare where conditions based on search query\n664. \t$join_type = \u0027\u0027;\n665. \t$where_conditions = \u0027\u0027;\n666. \tif(trim($where) != \u0027\u0027) {\n667. 
\t\tif($match == \u0027all\u0027 || $match == \u0027\u0027) {\n668. \t\t\t$join_type = \" AND \";\n669. \t\t} elseif($match == \u0027any\u0027) {\n670. \t\t\t$join_type = \" OR \";\n671. \t\t}\n672. \t\t$where = explode(\"\u0026\u0026\u0026\",$where);\n673. \t\t$where_conditions = implode($join_type, $where);\n\n[...]\n\n707. \t$query = \"SELECT vtiger_troubletickets.*, vtiger_crmentity.smownerid,vtiger_crmentity.createdtime, [...]\n708. \t\tFROM vtiger_troubletickets\n709. \t\tINNER JOIN vtiger_crmentity ON vtiger_crmentity.crmid = vtiger_troubletickets.ticketid AND [...]\n710. \t\tWHERE vtiger_troubletickets.parent_id IN (\". generateQuestionMarks($entity_ids_list) .\")\";\n711. \t// Add conditions if there are any search parameters\n712. \tif ($join_type != \u0027\u0027 \u0026\u0026 $where_conditions != \u0027\u0027) {\n713. \t\t$query .= \" AND (\".$where_conditions.\")\";\n714. \t}\n\nUser input passed through the \"where\" parameter isn\u0027t properly validated before being\nused in a SQL query at line 713. This can be exploited to conduct SQL injection attacks. \n\n3) The vulnerable code is located in the SearchContactsByEmail SOAP method defined in /soap/thunderbirdplugin.php:\n\n186. \tfunction SearchContactsByEmail($username,$password,$emailaddress)\n187. \t{\n188. \t  if(authentication($username,$password))\n189. \t  {\n190. \t     require_once(\u0027modules/Contacts/Contacts.php\u0027);\n191. \t\n192. \t     $seed_contact = new Contacts();\n193. \t     $output_list = Array();\n194. \t\n195. \t     $response = $seed_contact-\u003eget_searchbyemailid($username,$emailaddress);\n\nUser input passed through the \"emailaddress\" parameter isn\u0027t properly validated before being used\nin a call to the Contacts::get_searchbyemailid() method at line 195. This can be exploited to conduct\nSQL injection attacks. Successful exploitation of this vulnerability requires authentication. 
\n\n4) The vulnerable code is located in the SearchContactsByEmail SOAP method defined in /soap/vtigerolservice.php:\n\n282. \tfunction SearchContactsByEmail($username,$session,$emailaddress)\n283. \t{\n284. \t\tif(!validateSession($username,$session))\n285. \t\treturn null;\n286. \t\trequire_once(\u0027modules/Contacts/Contacts.php\u0027);\n287. \t\n288. \t     $seed_contact = new Contacts();\n289. \t     $output_list = Array();\n290. \t\n291. \t     $response = $seed_contact-\u003eget_searchbyemailid($username,$emailaddress);\n\nUser input passed through the \"emailaddress\" parameter isn\u0027t properly validated before being used in\na call to the Contacts::get_searchbyemailid() method at line 291. This can be exploited to conduct SQL\ninjection attacks. Successful exploitation of this vulnerability requires knowledge of a valid username. \n\n\n[-] Solution:\n\nApply the vendor patch:http://www.vtiger.com/blogs/?p=1467\n\n\n[-] Disclosure Timeline:\n\n[13/01/2013] - Vendor notified\n[06/02/2013] - Vendor asked feedback abouthttp://trac.vtiger.com/cgi-bin/trac.cgi/changeset/13848\n[05/03/2013] - Feedback provided to the vendor\n[26/03/2013] - Vendor patch released\n[18/04/2013] - CVE number requested\n[20/04/2013] - CVE number assigned\n[01/08/2013] - Public disclosure\n\n\n[-] CVE Reference:\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the name CVE-2013-3213 to these vulnerabilities. \n\n\n[-] Credits:\n\nVulnerabilities discovered by Egidio Romano. \n\n\n[-] Original Advisory:\n\nhttp://karmainsecurity.com/KIS-2013-06\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-3213"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      },
      {
        "db": "BID",
        "id": "61563"
      },
      {
        "db": "VULHUB",
        "id": "VHN-63215"
      },
      {
        "db": "PACKETSTORM",
        "id": "122641"
      }
    ],
    "trust": 2.07
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-63215",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63215"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-3213",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "61563",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-014",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "86129",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "20133213",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20130801 [KIS-2013-06] VTIGER CRM \u003c= 5.4.0 (SOAP SERVICES) MULTIPLE SQL INJECTION VULNERABILITIES",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "122641",
        "trust": 0.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "27279",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-63215",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63215"
      },
      {
        "db": "BID",
        "id": "61563"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      },
      {
        "db": "PACKETSTORM",
        "id": "122641"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3213"
      }
    ]
  },
  "id": "VAR-201404-0102",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63215"
      }
    ],
    "trust": 0.62916664
  },
  "last_update_date": "2024-08-14T13:25:07.662000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Vtiger 5.4.0 Security Patch Released",
        "trust": 0.8,
        "url": "https://www.vtiger.com/blogs/?p=1467"
      },
      {
        "title": "vtigercrm6.0.0",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49112"
      },
      {
        "title": "vtigercrm600",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49111"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-89",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63215"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3213"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "https://www.vtiger.com/blogs/?p=1467"
      },
      {
        "trust": 2.1,
        "url": "http://karmainsecurity.com/kis-2013-06"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/61563"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0001.html"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86129"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3213"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3213"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/86129"
      },
      {
        "trust": 0.3,
        "url": "http://sourceforge.net/projects/vtigercrm/files/vtiger%20crm%205.1.0/"
      },
      {
        "trust": 0.1,
        "url": "http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/13848"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-3213"
      },
      {
        "trust": 0.1,
        "url": "http://www.vtiger.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-63215"
      },
      {
        "db": "BID",
        "id": "61563"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      },
      {
        "db": "PACKETSTORM",
        "id": "122641"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3213"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-63215"
      },
      {
        "db": "BID",
        "id": "61563"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      },
      {
        "db": "PACKETSTORM",
        "id": "122641"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-3213"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-04-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63215"
      },
      {
        "date": "2013-08-01T00:00:00",
        "db": "BID",
        "id": "61563"
      },
      {
        "date": "2014-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      },
      {
        "date": "2013-08-01T18:32:11",
        "db": "PACKETSTORM",
        "id": "122641"
      },
      {
        "date": "2013-08-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      },
      {
        "date": "2014-04-02T16:05:49.267000",
        "db": "NVD",
        "id": "CVE-2013-3213"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-63215"
      },
      {
        "date": "2013-08-01T00:00:00",
        "db": "BID",
        "id": "61563"
      },
      {
        "date": "2014-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      },
      {
        "date": "2014-04-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      },
      {
        "date": "2017-08-29T01:33:22.010000",
        "db": "NVD",
        "id": "CVE-2013-3213"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "122641"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vtiger CRM In  SQL Injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006283"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "sql injection",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "122641"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201308-014"
      }
    ],
    "trust": 0.7
  }
}

