CVE-2010-3909

high

Description

Incomplete blacklist vulnerability in config.template.php in vtiger CRM before 5.2.1 allows remote authenticated users to execute arbitrary code by using the draft save feature in the Compose Mail component to upload a file with a .phtml extension, and then accessing this file via a direct request to the file in the storage/ directory tree.

References

http://www.ush.it/team/ush/hack-vtigercrm_520/vtigercrm_520.txt

http://www.securityfocus.com/archive/1/514846/100/0/threaded

http://wiki.vtiger.com/index.php/Vtiger521:Release_Notes

http://vtiger.com/blogs/2010/11/16/vtiger-crm-521-is-released/

http://secunia.com/advisories/42246

Details

Source: Mitre, NVD

Published: 2010-11-26

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.01465