Vtiger CVE - OpenCVE

Filtered by vendor Vtiger Subscriptions

Total 66 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2019-11057	1 Vtiger	1 Vtiger Crm	2024-08-04	8.8 High
SQL injection vulnerability in Vtiger CRM before 7.1.0 hotfix3 allows authenticated users to execute arbitrary SQL commands.
CVE-2020-22807	1 Vtiger	1 Vtiger Crm	2024-08-04	9.8 Critical
An issue was dicovered in vtiger crm 7.2. Union sql injection in the calendar exportdata feature.
CVE-2020-19363	1 Vtiger	1 Vtiger Crm	2024-08-04	6.5 Medium
Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories.
CVE-2020-19362	1 Vtiger	1 Vtiger Crm	2024-08-04	6.1 Medium
Reflected XSS in Vtiger CRM v7.2.0 in vtigercrm/index.php? through the view parameter can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page.
CVE-2022-38335	1 Vtiger	1 Vtiger Crm	2024-08-03	5.4 Medium
Vtiger CRM v7.4.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the e-mail template modules.
CVE-2023-38891	1 Vtiger	1 Vtiger Crm	2024-08-02	8.8 High
SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to escalate privileges via the getQueryColumnsList function in ReportRun.php.

« first previous Page 4 of 4.