CVE-2014-5521
XRMS CRM (plugin path plugins/useradmin/fingeruser.php) is affected by CVE-2014-5521. The vulnerability allows remote authenticated users to execute arbitrary code through shell metacharacters in the username parameter, due to insufficient input validation in fingeruser.php (likely in XRMS CRM 1....