Arbitrary File Upload Vulnerability in vTiger CRM 4.2 and Earlier

CVE-2005-3824 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The uploads module in vTiger CRM 4.2 and earlier allows remote attackers to upload arbitrary files, such as PHP files, via the add2db action.

Learn more about our Crm Penetration Testing.