Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and previous versions allow remote malicious users to inject arbitrary SQL commands and bypass authentication via the (1) user_name and (2) date parameter in the HelpDesk module.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vtiger vtiger crm |