vtiger CRM is prone to a remote code-execution vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application. vtiger CRM 5.2.1 is vulnerable other versions may also be affected.

• http://seclists.org/fulldisclosure/2011/Oct/223
• http://www.securityfocus.com/bid/49946
• http://www.vtiger.com/

---

Updated on 2015-03-25