Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2020-22807

Disclosure Date: April 29, 2021 (last updated February 22, 2025)
An issue was dicovered in vtiger crm 7.2. Union sql injection in the calendar exportdata feature.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-19362

Disclosure Date: January 20, 2021 (last updated February 22, 2025)
Reflected XSS in Vtiger CRM v7.2.0 in vtigercrm/index.php? through the view parameter can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-19363

Disclosure Date: January 20, 2021 (last updated February 22, 2025)
Vtiger CRM v7.2.0 allows an attacker to display hidden files, list directories by using /libraries and /layout directories.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0