Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vtiger vtiger crm 5.0.4 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2008-3458
Vtiger CRM prior to 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to read mail merge templates via a direct request to the wordtemplatedownload directory.
Vtiger Vtiger Crm
435
VMScore
CVE-2009-3247
Cross-site scripting (XSS) vulnerability in the Activities module in vtiger CRM 5.0.4 allows remote malicious users to inject arbitrary web script or HTML via the action parameter to phprint.php. NOTE: the query_string vector is already covered by CVE-2008-3101.3.
Vtiger Vtiger Crm 5.0.4
1 EDB exploit
435
VMScore
CVE-2008-3101
Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 5.0.4 allow remote malicious users to inject arbitrary web script or HTML via (1) the parenttab parameter in an index action to the Products module, as reachable through index.php; (2) the user_password parameter i...
Vtiger Vtiger Crm 5.0.4
1 EDB exploit
383
VMScore
CVE-2011-4680
Multiple cross-site scripting (XSS) vulnerabilities in the customer portal in vtiger CRM prior to 5.2.0 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Vtiger Vtiger Crm 4.0.1
Vtiger Vtiger Crm 4.2
Vtiger Vtiger Crm 3.0
Vtiger Vtiger Crm 3.2
Vtiger Vtiger Crm 4
Vtiger Vtiger Crm 5.0.4
Vtiger Vtiger Crm
Vtiger Vtiger Crm 5.1.0
Vtiger Vtiger Crm 1.0
Vtiger Vtiger Crm 2.0.1
Vtiger Vtiger Crm 3
Vtiger Vtiger Crm 5.0.0
Vtiger Vtiger Crm 5.0.3
Vtiger Vtiger Crm 5.2.1
Vtiger Vtiger Crm 2.0
Vtiger Vtiger Crm 2.1
Vtiger Vtiger Crm 4.0
Vtiger Vtiger Crm 4.2.4
Vtiger Vtiger Crm 5.0.2
383
VMScore
CVE-2010-3911
Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM prior to 5.2.1 allow remote malicious users to inject arbitrary web script or HTML via (1) the username (aka default_user_name) field or (2) the password field in a Users Login action to index.php, or (3) the label...
Vtiger Vtiger Crm 2.1
Vtiger Vtiger Crm 1.0
Vtiger Vtiger Crm 4.0.1
Vtiger Vtiger Crm 5.0.0
Vtiger Vtiger Crm 4
Vtiger Vtiger Crm 5.1.0
Vtiger Vtiger Crm 2.0
Vtiger Vtiger Crm 3
Vtiger Vtiger Crm 5.0.3
Vtiger Vtiger Crm 5.0.4
Vtiger Vtiger Crm 4.2.4
Vtiger Vtiger Crm 3.2
Vtiger Vtiger Crm 3.0
Vtiger Vtiger Crm
Vtiger Vtiger Crm 5.0.2
Vtiger Vtiger Crm 2.0.1
Vtiger Vtiger Crm 4.2
Vtiger Vtiger Crm 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2