[Vtigercrm-developers] vtiger CRM 5.4.0 - Security Patch Released in Live
Appu
apparao at vtiger.com
Tue Mar 26 07:41:01 GMT 2013
Hi All,
We released a security patch for 5.4.0 that fixes the following security
issues.
- Local File Inclusion
- Local File Deletion
- SQL Injection
- PHP Code Injection
- Cross site scripting
- Arbitrary File Upload
- Authentication Bypass vulnerabilities(SOAP API's)
We would like to thank *Nick Freeman* from security-assessment.com and *
Egidio *for reporting these vulnerabilities.
*Download Links* :
https://www.vtiger.com/crm/open-source-downloads/ or
http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%205.4.0/Core%20Product/VtigerCRM540_Security_Patch.zip
*Note:* We recommend taking a backup of your source directory before you
unpack the patch in the source directory.
* *
Thanks,
Apparao G
*TEAM*
*Connect with us on: *Website <http://vtiger.com/>* **I*
Twitter<http://twitter.com/#%21/vtigercrm>
*I* Facebook <http://www.facebook.com/pages/vtiger/226866697333578?sk=wall>
*I* Blog <http://blog.vtiger.com/>* I*
Wiki<http://wiki.vtiger.com/index.php/Main_Page>
*I *Forums <http://forums.vtiger.com/>
**
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20130326/f74647b5/attachment.html>
More information about the vtigercrm-developers
mailing list