Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2005-3822

Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username in the login form or (2) record parameter, as demonstrated in the EditView action for the Contacts module.

  • Published: Nov 26, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-3822
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
vtiger / vtiger_crm - 4.2.x