
6 matches found

RedhatCVE
added 2026/04/14 1:22 a.m. · 3 views

CVE-2025-70936

Vtiger CRM 8.4.0 contains a reflected cross-site scripting (XSS) vulnerability in the MailManager module. Improper handling of user-controlled input in the folder parameter allows a specially crafted, double URL-encoded payload to be reflected and executed in the context of an authenticated user s...

CVSS 5.4 · AI score 5.7 · EPSS 0.00034
Exploits: 0 · References: 1
NVD
added 2026/04/13 9:16 p.m. · 1 views

CVE-2025-70936

Vtiger CRM 8.4.0 contains a reflected cross-site scripting (XSS) vulnerability in the MailManager module. Improper handling of user-controlled input in the folder parameter allows a specially crafted, double URL-encoded payload to be reflected and executed in the context of an authenticated user s...

CVSS 5.4 · EPSS 0.00034
Exploits: 0 · References: 2
CNNVD
added 2026/04/13 12:0 a.m. · 1 views

Vtiger CRM security vulnerability

Vtiger CRM is a customer relationship management system based on SugarCRM, developed by Vtiger Corporation in the United States. The system provides functions for managing, collecting, and analyzing customer information. Vtiger CRM version 8.4.0 has a security vulnerability, which stems from...

CVSS 5.4 · AI score 5.6 · EPSS 0.00034
Exploits: 0 · References: 2
Positive Technologies
added 2026/04/13 12:0 a.m. · 1 views

PT-2026-32520

Name of the Vulnerable Software and Affected Versions: Vtiger CRM version 8.4.0 Description: A reflected cross-site scripting (XSS) issue exists in the MailManager module, where XSS is a type of attack that injects malicious scripts into a trusted website. Improper handling of user-controlled input i...

CVSS 5.4 · AI score 5.5 · EPSS 0.00034
Exploits: 0 · References: 5
RedhatCVE
added 2025/05/23 8:16 a.m. · 3 views

CVE-2024-42994

VTiger CRM = 8.1.0 does not properly sanitize user input before using it in a SQL statement, leading to a SQL Injection in the "CompanyDetails" operation of the "MailManager" module...

CVSS 7.2 · AI score 6 · EPSS 0.00125
Exploits: 1 · References: 1
Positive Technologies
added 2024/08/16 12:0 a.m. · 3 views

PT-2024-30247 · Vtiger · Vtiger Crm

Name of the Vulnerable Software and Affected Versions: VTiger CRM versions = 8.1.0 Description: The issue arises from improper sanitization of user input before it is used in a SQL statement, leading to a SQL Injection in the CompanyDetails operation of the MailManager module. Recommendations: Fo...

CVSS 7.2 · AI score 8.3 · EPSS 0.00125
Exploits: 1 · References: 7