Vtiger Crm Security Vulnerabilities and Issues — Vtiger Crm CVE List

Lucene search

VtigerVtiger Crm

3 matches found

CVE•added 2006/09/06 10:4 p.m.•48 views

CVE-2006-4588

vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to bypass authentication and access administrative modules via a direct request to index.php with a modified module parameter, as demonstrated using the Settings module.

7.5CVSS7.4AI score0.00811EPSS

CVE•added 2006/09/06 10:4 p.m.•47 views

CVE-2006-4587

Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 4.2.4, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) description parameter in unspecified modules or the (2) solution parameter in the HelpDesk module.

6.8CVSS6.1AI score0.0157EPSS

CVE•added 2006/09/07 12:4 a.m.•35 views

CVE-2006-4617

Unrestricted file upload vulnerability in fileupload.html in vtiger CRM 4.2.4, and possibly earlier versions, allows remote attackers to upload and execute arbitrary files with executable extensions in the /cashe/mails folder.

7.5CVSS7.8AI score0.00612EPSS