| Max CVSS | 6.4 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-2268 | 5.0 |
views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote attackers to re-install the application via a request that sets the X-Requested-With HTTP header, as demonstrated by ex
|
20-11-2017 - 18:27 | 16-11-2014 - 01:59 | |
| CVE-2014-2269 | 6.4 |
modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPassword parameters.
|
22-04-2014 - 16:31 | 22-04-2014 - 13:06 |