The vTiger CRM 5.2.1 and lower versions are vulnerable to Blind SQL Injection. No fixed version has been released as of 2011-10-05.
vtiger CRM is a free, full-featured, 100% Open Source CRM software ideal for small and medium businesses, with low-cost product support available to production users that need reliable support. vtiger CRM is a widely used product with thousands of users in dozens of countries. It has a vibrant community of users driving the product forward, and contributing to it's development. Over 2 million copies of vtiger CRM have been downloaded so far. It was launched as a fork of version 1.0 of the SugarCRM project launched on December 31st, 2004.
- Blind SQL Injection:-
- Remote Code Execution:-
Tested on 5.2.1
LINK TO OUR HOME PAGE :