SQL injection vulnerability in the Calendar module in vTiger CRM 5.2.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vtiger vtiger crm 5.0.3 |
||
vtiger vtiger crm 5.0.2 |
||
vtiger vtiger crm 5.1.0 |
||
vtiger vtiger crm 4.2 |
||
vtiger vtiger crm 4.0.1 |
||
vtiger vtiger crm 2.0 |
||
vtiger vtiger crm 1.0 |
||
vtiger vtiger crm |
||
vtiger vtiger crm 5.2.0 |
||
vtiger vtiger crm 4.2.4 |
||
vtiger vtiger crm 2.1 |
||
vtiger vtiger crm 2.0.1 |
||
vtiger vtiger crm 3.0 |
||
vtiger vtiger crm 5.0.4 |
||
vtiger vtiger crm 4.0 |
||
vtiger vtiger crm 3.2 |