CVE-2005-3818

vtiger CRM < 4.2 - Cross-Site Scripting via Multiple Input Fields

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2005-3818. PoCs published by Christopher Kunz.

AI-analyzed exploit summary The provided text describes multiple input validation vulnerabilities in vtiger CRM, including SQL injection, HTML injection, XSS, and local file inclusion. It references a security advisory and does not contain actual exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) various input fields, including the contact, lead, and first or last name fields, (2) the record parameter in a DetailView action in the Leads module for index.php, (3) the $_SERVER['PHP_SELF'] variable, which is used in multiple locations such as index.php, and (4) aggregated RSS feeds in the RSS aggregation module.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Christopher Kunz · textwebappsphp
https://www.exploit-db.com/exploits/26585

The provided text describes multiple input validation vulnerabilities in vtiger CRM, including SQL injection, HTML injection, XSS, and local file inclusion. It references a security advisory and does not contain actual exploit code.

Classification
Writeup 90%
Attack Type
Xss | Sqli | Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: vtiger CRM (version not specified)
No auth needed
Prerequisites: Access to the vulnerable vtiger CRM instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Christopher Kunz · textwebappsphp
https://www.exploit-db.com/exploits/26584

The provided text describes multiple input validation vulnerabilities in vtiger CRM, including SQL injection, HTML injection, XSS, and local file inclusion. It references a specific XSS example but does not include functional exploit code.

Classification
Writeup 90%
Attack Type
Xss | Sqli | Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: vtiger CRM (version not specified)
No auth needed
Prerequisites: Access to a vulnerable vtiger CRM instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (12)

Core 12
Core References
Exploit, Vendor Advisory x_refsource_misc
http://www.hardened-php.net/advisory_232005.105.html
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15562
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/21228
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/23363
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2569
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1015271
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/417730/30/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/21227
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17693
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/21230
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/21229
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/23362

Scores

EPSS 0.0508
EPSS Percentile 91.2%

Details

Status published
Products (1)
vtiger/vtiger_crm < 4.2
Published Nov 26, 2005
Tracked Since Feb 18, 2026