Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vtiger vtiger crm 5.3.0 vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2013-3591
vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability
Vtiger Vtiger Crm 5.3.0
Vtiger Vtiger Crm 5.4.0
1 EDB exploit
505
VMScore
CVE-2014-2268
views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote malicious users to re-install the application via a request that sets the X-Requested-With HTTP header, as demonstrated by executing arbitrary PHP co...
Vtiger Vtiger Crm 1.0
Vtiger Vtiger Crm 2.0
Vtiger Vtiger Crm 2.0.1
Vtiger Vtiger Crm 2.1
Vtiger Vtiger Crm 5.0.2
Vtiger Vtiger Crm 5.0.3
Vtiger Vtiger Crm 5.0.4
Vtiger Vtiger Crm 5.1.0
Vtiger Vtiger Crm 4
Vtiger Vtiger Crm 4.0
Vtiger Vtiger Crm 4.0.1
Vtiger Vtiger Crm 5.4.0
Vtiger Vtiger Crm 6.0.0
Vtiger Vtiger Crm 3.0
Vtiger Vtiger Crm 4.2
Vtiger Vtiger Crm 5.0.0
Vtiger Vtiger Crm 5.2.1
Vtiger Vtiger Crm 3.2
Vtiger Vtiger Crm 4.2.4
Vtiger Vtiger Crm 5.0.1
Vtiger Vtiger Crm 5.2.0
Vtiger Vtiger Crm 5.3.0
1 EDB exploit
755
VMScore
CVE-2013-3213
Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 up to and including 5.4.0 allow remote malicious users to execute arbitrary SQL commands via the (1) picklist_name parameter in the get_picklists method to soap/customerportal.php, (2) where parameter in the get_tickets_l...
Vtiger Vtiger Crm 5.0.0
Vtiger Vtiger Crm 5.4.0
Vtiger Vtiger Crm 5.0.4
Vtiger Vtiger Crm 5.0.1
Vtiger Vtiger Crm 5.2.0
Vtiger Vtiger Crm 5.1.0
Vtiger Vtiger Crm 5.0.3
Vtiger Vtiger Crm 5.3.0
Vtiger Vtiger Crm 5.2.1
Vtiger Vtiger Crm 5.0.2
1 EDB exploit
655
VMScore
CVE-2013-5091
SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 and possibly earlier allows remote authenticated users to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php. NOTE: this issue might be a duplicate of CVE-2011-4559.
Vtiger Vtiger Crm 2.0
Vtiger Vtiger Crm 2.1
Vtiger Vtiger Crm 4
Vtiger Vtiger Crm 5.0.0
Vtiger Vtiger Crm 5.0.3
Vtiger Vtiger Crm 5.3.0
Vtiger Vtiger Crm 4.0.1
Vtiger Vtiger Crm 4.2
Vtiger Vtiger Crm 4.2.4
Vtiger Vtiger Crm 3.0
Vtiger Vtiger Crm 3.2
Vtiger Vtiger Crm 5.0.4
Vtiger Vtiger Crm 5.1.0
Vtiger Vtiger Crm 5.2.0
Vtiger Vtiger Crm 1.0
Vtiger Vtiger Crm 2.0.1
Vtiger Vtiger Crm 4.0
Vtiger Vtiger Crm 5.0.2
Vtiger Vtiger Crm 5.2.1
Vtiger Vtiger Crm
1 EDB exploit
356
VMScore
CVE-2011-4679
vtiger CRM prior to 5.3.0 does not properly recognize the disabled status of a field in the Leads module, which allows remote authenticated users to bypass intended access restrictions by reading a previously created report.
Vtiger Vtiger Crm
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started