Filtered by vendor Vtiger
Subscriptions
Filtered by product Vtiger Crm
Subscriptions
Total
66 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-11057 | 1 Vtiger | 1 Vtiger Crm | 2024-08-04 | 8.8 High |
SQL injection vulnerability in Vtiger CRM before 7.1.0 hotfix3 allows authenticated users to execute arbitrary SQL commands. | ||||
CVE-2020-22807 | 1 Vtiger | 1 Vtiger Crm | 2024-08-04 | 9.8 Critical |
An issue was dicovered in vtiger crm 7.2. Union sql injection in the calendar exportdata feature. | ||||
CVE-2020-19363 | 1 Vtiger | 1 Vtiger Crm | 2024-08-04 | 6.5 Medium |
Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories. | ||||
CVE-2020-19362 | 1 Vtiger | 1 Vtiger Crm | 2024-08-04 | 6.1 Medium |
Reflected XSS in Vtiger CRM v7.2.0 in vtigercrm/index.php? through the view parameter can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page. | ||||
CVE-2022-38335 | 1 Vtiger | 1 Vtiger Crm | 2024-08-03 | 5.4 Medium |
Vtiger CRM v7.4.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the e-mail template modules. | ||||
CVE-2023-38891 | 1 Vtiger | 1 Vtiger Crm | 2024-08-02 | 8.8 High |
SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to escalate privileges via the getQueryColumnsList function in ReportRun.php. |