CVE-2012-4867

EXPLOITED

vtiger CRM 5.1.0 - Path Traversal via module_name Parameter

Title source: llm

Exploitation Summary

CVE-2012-4867 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Pi3rrot.

AI-analyzed exploit summary This exploit demonstrates a Local File Inclusion (LFI) vulnerability in VTiger CRM 5.1.0 via the sortfieldsjson.php file. The attacker can read arbitrary files on the server by manipulating the module_name parameter with directory traversal sequences.

Description

Directory traversal vulnerability in modules/com_vtiger_workflow/sortfieldsjson.php in vtiger CRM 5.1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the module_name parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Pi3rrot · textwebappsphp

https://www.exploit-db.com/exploits/18770

View Code ZIP pw:eip

This exploit demonstrates a Local File Inclusion (LFI) vulnerability in VTiger CRM 5.1.0 via the sortfieldsjson.php file. The attacker can read arbitrary files on the server by manipulating the module_name parameter with directory traversal sequences.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: VTiger CRM 5.1.0

No auth needed

Prerequisites: access to the target URL

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit x_refsource_misc

http://packetstormsecurity.org/files/111075/Vtiger-5.1.0-Local-File-Inclusion.html

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/18635

Scores

EPSS 0.0516

EPSS Percentile 90.1%

Details

VulnCheck KEV 2022-09-28

CWE

CWE-22

Status published

Products (1)

vtiger/vtiger_crm 5.1.0

Published Sep 06, 2012

Tracked Since Feb 18, 2026