Skip to main content
CVE-2019-5009 HIGH POC PATCH This Week

Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP File Upload Vtiger Crm
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
9.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy