Vulnerability Database

311,447

Total vulnerabilities in the database

CVE-2016-10754

modules/Calendar/Activity.php in Vtiger CRM 6.5.0 allows SQL injection via the contactidlist parameter.

  • Published: May 24, 2019
  • Updated: Nov 9, 2025
  • CVE: CVE-2016-10754
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
vtiger / vtiger_crm 6.5.0 6.5.0.x