Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) login[username] parameter to index.php, (2) parent_id parameter to modules/Documents/version_list.php, or (3) contact_id parameter to modules/Documents/index.php.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
browsercrm browsercrm 5.001.00 |
||
browsercrm browsercrm 5.000.01 |
||
browsercrm browsercrm 4.624.60 |
||
browsercrm browsercrm 4.624.50 |
||
browsercrm browsercrm 4.616.00 |
||
browsercrm browsercrm 4.615.11 |
||
browsercrm browsercrm 4.615.10 |
||
browsercrm browsercrm 4.604.01 |
||
browsercrm browsercrm 5.000.00 |
||
browsercrm browsercrm 4.999.20 |
||
browsercrm browsercrm 4.624.01 |
||
browsercrm browsercrm 4.624.00 |
||
browsercrm browsercrm 4.614.00 |
||
browsercrm browsercrm 4.612.00 |
||
browsercrm browsercrm |
||
browsercrm browsercrm 4.691.01 |
||
browsercrm browsercrm 4.624.90 |
||
browsercrm browsercrm 4.622.00 |
||
browsercrm browsercrm 4.620.01 |
||
browsercrm browsercrm 4.611.01 |
||
browsercrm browsercrm 4.610.00 |
||
browsercrm browsercrm 5.100.00 |
||
browsercrm browsercrm 5.002.00 |
||
browsercrm browsercrm 4.624.80 |
||
browsercrm browsercrm 4.624.70 |
||
browsercrm browsercrm 4.619.00 |
||
browsercrm browsercrm 4.617.00 |
||
browsercrm browsercrm 4.607.00 |
||
browsercrm browsercrm 4.605.00 |
Vulmon