Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
customer relationship management vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-2838
Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite (component: Setup of Mobile Applications). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...
Oracle Customer Relationship Management Gateway For Mobile Devices
6.4
CVSSv2
CVE-2020-14598
Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite (component: Setup of Mobile Applications). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...
Oracle Customer Relationship Management Gateway For Mobile Devices
5.5
CVSSv2
CVE-2007-3854
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has no...
Oracle Database Server 10.2.0.3
Oracle Application Server 10.1.2.0.2
Oracle Database Server 9.0.1.5
Oracle Peoplesoft Enterprise Customer Relationship Management 9.0
Oracle Peoplesoft Enterprise Peopletools 8.47
Oracle Application Server 10.1.3.2.0
Oracle Application Server 10.1.3.1.0
Oracle Application Server 10.1.2.1.0
Oracle Peoplesoft Enterprise Peopletools 8.48
Oracle Application Server 1.0.2.2
Oracle Peoplesoft Enterprise Human Capital Management 9.0
Oracle Secure Enterprise Search 10.1.8
Oracle Apex 1.6.1
Oracle Peoplesoft Enterprise Customer Relationship Management 8.9
Oracle Database Server 9.2.0.7
Oracle E-business Suite 12.0.0
Oracle Database Server 9.2.0.8
Oracle E-business Suite 11.5.10.2
Oracle Apex 2.2
Oracle E-business Suite 12.0.1
Oracle Application Server 9.0.4.3
Oracle Apex 1.5.0
NA
CVE-2023-24204
SQL injection vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows malicious user to execute arbitrary code via the name parameter in get-quote.php.
1 Github repository
NA
CVE-2023-24203
Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows malicious user to execute arbitary code via the company or query parameter(s).
1 Github repository
5
CVSSv2
CVE-2005-4086
Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and previous versions allows remote malicious users to include arbitrary local files via ".." sequences in the beanFiles array paramete...
Sugarcrm Sugar Suite 3.5
Sugarcrm Sugar Suite 4.0 Beta
2 EDB exploits
NA
CVE-2024-36406
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions before 7.14.4 and 8.6.1, unchecked input allows for open re-direct. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
7.5
CVSSv2
CVE-2005-4087
PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the beanFiles array parameter.
Sugarcrm Sugar Suite 3.5
Sugarcrm Sugar Suite 4.0 Beta
2 EDB exploits
7.5
CVSSv2
CVE-2007-3869
Multiple unspecified vulnerabilities in the Customer Relationship Management Online Marketing component in Oracle PeopleSoft Enterprise 8.9 Bundle 26 and 9.0 Bundle 7 allow remote authenticated users to have an unknown impact, aka (1) PSE04 and (2) PSE05.
Oracle Peoplesoft Enterprise 8.9
Oracle Peoplesoft Enterprise 9.0
NA
CVE-2024-36419
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. A vulnerability in versions before 8.6.1 allows for Host Header Injection when directly accessing the `/legacy` route. Version 8.6.1 contains a patch for the issue.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »