CVE-2024-42994 | VTiger CRM up to 8.1.0 MailManager CompanyDetails sql injection

Posted by Angelo Barbosa | Aug 16, 2024 | CVE

A vulnerability was found in VTiger CRM up to 8.1.0. It has been rated as critical. Affected by this issue is the function CompanyDetails of the component MailManager. The manipulation leads to sql injection.

This vulnerability is handled as CVE-2024-42994. The attack may be launched remotely. There is no exploit available.

CVE-2024-42994 | VTiger CRM up to 8.1.0 MailManager CompanyDetails sql injection

Related Posts

CVE-2024-6183 | EZ-Suite EZ-Partner 5 Forgot Password cross site scripting

CVE-2024-24923 | Siemens Simcenter Femap prior 2306.0001/2401.0000 Catia Model File out-of-bounds (ssa-000072)

CVE-2024-45695 | D-Link DIR-X4860 A1 1.00/1.04 Web Service stack-based overflow

CVE-2023-4463 | Poly CCX 400/CCX 600/Trio 8800/Trio C60 HTTP Header Cookie denial of service (MZ-23-01)