vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code.Referenceshttp://www.exploit-db.com/exploits/27279http://www.securityfocus.com/bid/61560https://exchange.xforce.ibmcloud.com/vulnerabilities/86162
