Vtiger: >> Vtiger Crm >> 5 Security Vulnerabilities
index.php in vtiger CRM before 5.0.3 allows remote authenticated users to perform administrative changes to arbitrary profile settings via a certain profilePrivileges action in the Users module.
CVSS Score
6.5
EPSS Score
0.004
Published
2007-07-06
The report module in vtiger CRM before 5.0.3 does not properly apply security rules, which allows remote authenticated users to read arbitrary private module entries.
CVSS Score
4.0
EPSS Score
0.002
Published
2007-07-06
Page 4