CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-3458

Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.9%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2008-3458

Vtiger » Vtiger Crm » Version: 1.0

cpe:2.3:a:vtiger:vtiger_crm:1.0
Vtiger » Vtiger Crm » Version: 2.0

cpe:2.3:a:vtiger:vtiger_crm:2.0
Vtiger » Vtiger Crm » Version: 2.0.1

cpe:2.3:a:vtiger:vtiger_crm:2.0.1
Vtiger » Vtiger Crm » Version: 2.1

cpe:2.3:a:vtiger:vtiger_crm:2.1
Vtiger » Vtiger Crm » Version: 3.0

cpe:2.3:a:vtiger:vtiger_crm:3.0
Vtiger » Vtiger Crm » Version: 3.2

cpe:2.3:a:vtiger:vtiger_crm:3.2
Vtiger » Vtiger Crm » Version: 4

cpe:2.3:a:vtiger:vtiger_crm:4
Vtiger » Vtiger Crm » Version: 4.0

cpe:2.3:a:vtiger:vtiger_crm:4.0
Vtiger » Vtiger Crm » Version: 4.0.1

cpe:2.3:a:vtiger:vtiger_crm:4.0.1
Vtiger » Vtiger Crm » Version: 4.2

cpe:2.3:a:vtiger:vtiger_crm:4.2
Vtiger » Vtiger Crm » Version: 4.2.4

cpe:2.3:a:vtiger:vtiger_crm:4.2.4
Vtiger » Vtiger Crm » Version: 5

cpe:2.3:a:vtiger:vtiger_crm:5
Vtiger » Vtiger Crm » Version: 5.0

cpe:2.3:a:vtiger:vtiger_crm:5.0
Vtiger » Vtiger Crm » Version: 5.0.0

cpe:2.3:a:vtiger:vtiger_crm:5.0.0
Vtiger » Vtiger Crm » Version: 5.0.1

cpe:2.3:a:vtiger:vtiger_crm:5.0.1
Vtiger » Vtiger Crm » Version: 5.0.2

cpe:2.3:a:vtiger:vtiger_crm:5.0.2
Vtiger » Vtiger Crm » Version: 5.0.3

cpe:2.3:a:vtiger:vtiger_crm:5.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-3458

Products

Pricing

Contact Us