
{"id":1467,"date":"2013-03-26T11:09:16","date_gmt":"2013-03-26T18:09:16","guid":{"rendered":"https:\/\/www.vtiger.com\/blogs\/?p=1467"},"modified":"2013-03-26T11:09:16","modified_gmt":"2013-03-26T18:09:16","slug":"vtiger-5-4-0-security-patch-released","status":"publish","type":"post","link":"https:\/\/two.vtiger.com\/blog\/archives\/vtiger-5-4-0-security-patch-released\/","title":{"rendered":"Vtiger 5.4.0 Security Patch Released"},"content":{"rendered":"<p><strong>***April 2nd, 2012 UPDATE: Some users may experience performance issues after applying the security patch below. If you do experience performance issues, please download and apply <a href=\"http:\/\/sourceforge.net\/projects\/vtigercrm\/files\/vtiger%20CRM%205.4.0\/Core%20Product\/VtigerCRM-5.4.0-Performance_Patch.zip\/download\">this patch<\/a> after applying the security patch.<\/strong><\/p>\n<p>As many of you are aware, Vtiger CRM Open Source 6.0 is still under development and is slated for a May release. For those currently using Vtiger CRM Open Source 5.4, we would like to recommend applying a new security patch, which fixes a series of vulnerabilities reported by Mr. Nick Freeman from <a href=\"http:\/\/security-assessment.com\">security-assessment.com<\/a> and Mr. Egidio. The patch covers the following discovered vulnerabilities:<\/p>\n<p>Local File Inclusion<br \/>\nLocal File Deletion<br \/>\nSQL Injection<br \/>\nPHP Code Injection<br \/>\nCross-site scripting<br \/>\nArbitrary File Upload<br \/>\nAuthentication Bypass vulnerabilities (SOAP APIs)<\/p>\n<p><strong>1. Before deploying the patch<\/strong><\/p>\n<p>It is essential to have an available backup of your Vtiger installation in case of any errors. To do this, create a copy of the entire Vtiger folder, and place it in a different location. As there is no database change in this particular case, a database dump is unnecessary.<\/p>\n<p><strong>2. 
Obtaining the patch files<\/strong><br \/>\nDownload the patch files from:<br \/>\n<a href=\"http:\/\/sourceforge.net\/projects\/vtigercrm\/files\/vtiger%20CRM%205.4.0\/Core%20Product\/VtigerCRM540_Security_Patch.zip\">SourceForge<\/a> Vtiger Link<\/p>\n<p><strong>3. Upload the patch files to your Vtiger CRM 5.4.0 folder<\/strong><\/p>\n<p><strong>4. Extract the patch files to that directory, overwriting any files as necessary<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>***April 2nd, 2012 UPDATE: Some users may experience performance issues after applying the security patch below. If you do experience performance issues, please download and apply this patch after applying the security patch. As many of you are aware, Vtiger CRM Open Source 6.0 is still under development and is slated for a May release.&hellip;&nbsp;<a href=\"https:\/\/two.vtiger.com\/blog\/archives\/vtiger-5-4-0-security-patch-released\/\" class=\"\" rel=\"bookmark\">.<span class=\"screen-reader-text\">Vtiger 5.4.0 Security Patch Released<\/span><\/a><\/p>\n","protected":false},"author":28,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_eb_attr":"","neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","neve_meta_reading_time":"","_themeisle_gutenberg_block_has_review":false,"_ti_tpc_template_sync":false,"_ti_tpc_template_id":"","footnotes":""},"categories":[3],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Vtiger 5.4.0 Security Patch Released - Vtiger CRM Blog - Latest CRM Topics, Tips, Insights and Updates<\/title>\n<meta name=\"robots\" content=\"index, follow, 
max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vtiger 5.4.0 Security Patch Released - Vtiger CRM Blog - Latest CRM Topics, Tips, Insights and Updates\" \/>\n<meta property=\"og:description\" content=\"***April 2nd, 2012 UPDATE: Some users may experience performance issues after applying the security patch below. If you do experience performance issues, please download and apply this patch after applying the security patch. As many of you are aware, Vtiger CRM Open Source 6.0 is still under development and is slated for a May release.&hellip;&nbsp;.Vtiger 5.4.0 Security Patch Released\" \/>\n<meta property=\"og:url\" content=\"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/\" \/>\n<meta property=\"og:site_name\" content=\"Vtiger CRM Blog - Latest CRM Topics, Tips, Insights and Updates\" \/>\n<meta property=\"og:image\" content=\"https:\/\/two.vtiger.com\/blog\/wp-content\/uploads\/2023\/02\/vtiger-logo-only.png\" \/>\n\t<meta property=\"og:image:width\" content=\"490\" \/>\n\t<meta property=\"og:image:height\" content=\"399\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Kieran Kay\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Vtiger 5.4.0 Security Patch Released - Vtiger CRM Blog - Latest CRM Topics, Tips, Insights and Updates","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/","og_locale":"en_US","og_type":"article","og_title":"Vtiger 5.4.0 Security Patch Released - Vtiger CRM Blog - Latest CRM Topics, Tips, Insights and Updates","og_description":"***April 2nd, 2012 UPDATE: Some users may experience performance issues after applying the security patch below. If you do experience performance issues, please download and apply this patch after applying the security patch. As many of you are aware, Vtiger CRM Open Source 6.0 is still under development and is slated for a May release.&hellip;&nbsp;.Vtiger 5.4.0 Security Patch Released","og_url":"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/","og_site_name":"Vtiger CRM Blog - Latest CRM Topics, Tips, Insights and Updates","og_image":[{"width":490,"height":399,"url":"https:\/\/two.vtiger.com\/blog\/wp-content\/uploads\/2023\/02\/vtiger-logo-only.png","type":"image\/png"}],"author":"Kieran Kay","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/#article","isPartOf":{"@id":"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/"},"author":{"name":"Kieran Kay","@id":"https:\/\/two.vtiger.com\/blog\/#\/schema\/person\/dbbca39d57d0c1ce816573abb930d083"},"headline":"Vtiger 5.4.0 Security Patch 
Released","dateModified":"2013-03-26T18:09:16+00:00","mainEntityOfPage":{"@id":"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/"},"wordCount":209,"commentCount":12,"publisher":{"@id":"https:\/\/two.vtiger.com\/blog\/#organization"},"articleSection":["All"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/","url":"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/","name":"Vtiger 5.4.0 Security Patch Released - Vtiger CRM Blog - Latest CRM Topics, Tips, Insights and Updates","isPartOf":{"@id":"https:\/\/two.vtiger.com\/blog\/#website"},"dateModified":"2013-03-26T18:09:16+00:00","breadcrumb":{"@id":"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/two.vtiger.com\/blog\/vtiger-5-4-0-security-patch-released\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/two.vtiger.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Vtiger 5.4.0 Security Patch Released"}]},{"@type":"WebSite","@id":"https:\/\/two.vtiger.com\/blog\/#website","url":"https:\/\/two.vtiger.com\/blog\/","name":"Vtiger CRM Blog - Latest CRM Topics, Tips, Insights and Updates","description":"","publisher":{"@id":"https:\/\/two.vtiger.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/two.vtiger.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/two.vtiger.com\/blog\/#organization","name":"Vtiger CRM 
Blog - Latest CRM Topics, Tips, Insights and Updates","url":"https:\/\/two.vtiger.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/two.vtiger.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/two.vtiger.com\/blog\/wp-content\/uploads\/2023\/02\/vtiger-logo-only.png","contentUrl":"https:\/\/two.vtiger.com\/blog\/wp-content\/uploads\/2023\/02\/vtiger-logo-only.png","width":490,"height":399,"caption":"Vtiger CRM Blog - Latest CRM Topics, Tips, Insights and Updates"},"image":{"@id":"https:\/\/two.vtiger.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/two.vtiger.com\/blog\/#\/schema\/person\/dbbca39d57d0c1ce816573abb930d083","name":"Kieran Kay","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/two.vtiger.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4ba6667aad460470f647844b4fbf4dfe?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4ba6667aad460470f647844b4fbf4dfe?s=96&d=mm&r=g","caption":"Kieran 
Kay"},"url":"https:\/\/two.vtiger.com\/blog\/author\/kieran\/"}]}},"_links":{"self":[{"href":"https:\/\/two.vtiger.com\/blog\/wp-json\/wp\/v2\/posts\/1467"}],"collection":[{"href":"https:\/\/two.vtiger.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/two.vtiger.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/two.vtiger.com\/blog\/wp-json\/wp\/v2\/users\/28"}],"replies":[{"embeddable":true,"href":"https:\/\/two.vtiger.com\/blog\/wp-json\/wp\/v2\/comments?post=1467"}],"version-history":[{"count":0,"href":"https:\/\/two.vtiger.com\/blog\/wp-json\/wp\/v2\/posts\/1467\/revisions"}],"wp:attachment":[{"href":"https:\/\/two.vtiger.com\/blog\/wp-json\/wp\/v2\/media?parent=1467"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/two.vtiger.com\/blog\/wp-json\/wp\/v2\/categories?post=1467"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/two.vtiger.com\/blog\/wp-json\/wp\/v2\/tags?post=1467"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}