CVE-2016-10754

CVE-2016-10754

EPSS 1.5%

modules/Calendar/Activity.php in Vtiger CRM 6.5.0 allows SQL injection via the contactidlist parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://blog.ripstech.com/2016/vtiger-sql-injection/https://demo.ripstech.com/projects/vtiger_6.5.0