Arbitrary File Upload Vulnerability in vTiger CRM 4.2 and Earlier

CVE-2005-3824

The uploads module in vTiger CRM 4.2 and earlier allows remote attackers to upload arbitrary files, such as PHP files, via the add2db action.

Learn more about our Crm Penetration Testing.