CVE-2006-4588

2006-09-06T22:04:00
ID CVE-2006-4588
Type cve
Reporter cve@mitre.org
Modified 2011-03-08T02:41:00

Description

vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to bypass authentication and access administrative modules via a direct request to index.php with a modified module parameter, as demonstrated using the Settings module.