Vtiger CRM 5.0.4 Multiple Vulnerabilities - Bugtraq Advisory

2009

18 August 2009

Event

N/A

What

CVE

cve vulnerability vtiger crm rce csrf lfi xss bugtraq copyright

On August 18, 2009, Francesco “ascii” Ongaro published a technical advisory on Bugtraq — via the marc.info portal — in collaboration with Giovanni “evilaliv3” Pellerano and Antonio “s4tan” Parata, regarding multiple vulnerabilities in the Vtiger CRM 5.0.4 software. The bulletin, which documents flaws such as Remote Code Execution, CSRF, Local File Inclusion, and XSS, is signed and protected by copyright in Ongaro’s name. The alert was released simultaneously with publication on USH.it and is accompanied by a legal note prohibiting modification or redistribution without the author’s written consent.
