Vulnerability Database

Published: Nov 26, 2005
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2005-3824" target="_blank" rel="noopener"> CVE-2005-3824
Severity: Medium
Exploit:

311,447

Total vulnerabilities in the database

The uploads module in vTiger CRM 4.2 and earlier allows remote attackers to upload arbitrary files, such as PHP files, via the add2db action.

CVSS v2:

No CWE or OWASP classifications available.

Software	From	Fixed in
vtiger / vtiger_crm	-	4.2.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.