Vulnerabilities > Vtiger > Vtiger CRM > 5.1.0

DATE CVE VULNERABILITY TITLE RISK
2009-09-18 CVE-2009-3258 Permissions, Privileges, and Access Controls vulnerability in Vtiger CRM
vtiger CRM before 5.1.0 allows remote authenticated users, with certain View privileges, to delete (1) attachments, (2) reports, (3) filters, (4) views, and (5) tickets; insert (6) attachments, (7) reports, (8) filters, (9) views, and (10) tickets; and edit (11) reports, (12) filters, (13) views, and (14) tickets via unspecified vectors.
network
low complexity
vtiger CWE-264
critical
9.0
2009-09-18 CVE-2009-3251 Permissions, Privileges, and Access Controls vulnerability in Vtiger CRM
include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the (1) visibility, (2) location, and (3) recurrence fields of a calendar via a custom view.
network
low complexity
vtiger CWE-264
4.0