Vulnerabilities > CVE-2006-4588 - Unspecified vulnerability in Vtiger CRM 4.2/4.2.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to bypass authentication and access administrative modules via a direct request to index.php with a modified module parameter, as demonstrated using the Settings module.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://secunia.com/advisories/21728
- http://secunia.com/advisories/21728
- http://www.osvdb.org/28462
- http://www.osvdb.org/28462
- http://www.securityfocus.com/bid/19829
- http://www.securityfocus.com/bid/19829
- http://www.security-net.biz/adv/D3906a.txt
- http://www.security-net.biz/adv/D3906a.txt
- http://www.vupen.com/english/advisories/2006/3444
- http://www.vupen.com/english/advisories/2006/3444