Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2005-3823

The Users module in vTiger CRM 4.2 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary file in the templatename parameter, which is passed to the eval function.

  • Published: Nov 26, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-3823
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
vtiger / vtiger_crm - 4.2.x