Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
 | Vtiger Install Unauthenticated Remote Command Execution Exploit | 9 Apr 201400:00 | – | zdt |
 | CVE-2014-2269 | 21 Apr 201414:00 | – | cvelist |
 | EUVD-2014-2307 | 7 Oct 202500:30 | – | euvd |
 | Vtiger Install Unauthenticated Remote Command Execution | 4 Apr 201408:16 | – | metasploit |
 | CVE-2014-2269 | 22 Apr 201413:06 | – | nvd |
 | Vtiger CRM 6.0.0 Multiple Vulnerabilities - Active Check | 16 Apr 201400:00 | – | openvas |
 | Vtiger Install Unauthenticated Remote Command Execution | 8 Apr 201400:00 | – | packetstorm |
 | Design/Logic Flaw | 16 Nov 201401:59 | – | prion |
| Default credentials | 22 Apr 201413:06 | – | prion |
 | vtiger CRM远程代码执行漏洞 | 17 Apr 201400:00 | – | seebug |
10
Node
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| db_name | query param | index.php | Arbitrary command execution via Vtiger install script Step5 when crafting db_name parameter, leading to payload execution. | CWE-20 |
| auth_key | query param | index.php | Payload execution triggered via authentication step (Step7) using auth_key obtained earlier. | CWE-20 |
| query param | config.inc.php | Final payload execution via config.inc.php using a random GET param to trigger payload | CWE-20 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 00:06Current
7High risk
Vulners AI Score7
CVSS 26.4
EPSS0.15658