Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
customer relationship management vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2020-14599
Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite (component: Setup of Mobile Applications). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...
Oracle Customer Relationship Management Gateway For Mobile Devices
445
VMScore
CVE-2020-2838
Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite (component: Setup of Mobile Applications). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...
Oracle Customer Relationship Management Gateway For Mobile Devices
490
VMScore
CVE-2007-3854
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has no...
Oracle Apex 1.5.0
Oracle Apex 1.6.1
Oracle Application Server 10.1.2.2.0
Oracle Application Server 10.1.3.0.0
Oracle Database Server 10.2.0.2
Oracle Database Server 10.2.0.3
Oracle Database Server 9.0.1.5
Oracle E-business Suite 11.5.9
Oracle E-business Suite 12.0.0
Oracle Peoplesoft Enterprise Peopletools 8.47
Oracle Peoplesoft Enterprise Peopletools 8.48
Oracle Application Server 10.1.2.0.2
Oracle Application Server 10.1.2.1.0
Oracle Collaboration Suite 10.1.2
Oracle Database Server 10.1.0.5
Oracle E-business Suite 11.5.10.2
Oracle E-business Suite 11.5.8
Oracle Peoplesoft Enterprise Human Capital Management 9.0
Oracle Peoplesoft Enterprise Peopletools 8.22
Oracle Application Server 1.0.2.2
Oracle Application Server 10.1.2.0.1
Oracle Application Server 10.1.3.3.0
NA
CVE-2023-24204
SQL injection vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows malicious user to execute arbitrary code via the name parameter in get-quote.php.
1 Github repository
NA
CVE-2023-24203
Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows malicious user to execute arbitary code via the company or query parameter(s).
1 Github repository
510
VMScore
CVE-2005-4086
Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and previous versions allows remote malicious users to include arbitrary local files via ".." sequences in the beanFiles array paramete...
Sugarcrm Sugar Suite 3.5
Sugarcrm Sugar Suite 4.0 Beta
2 EDB exploits
760
VMScore
CVE-2005-4087
PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the beanFiles array parameter.
Sugarcrm Sugar Suite 3.5
Sugarcrm Sugar Suite 4.0 Beta
2 EDB exploits
668
VMScore
CVE-2007-3869
Multiple unspecified vulnerabilities in the Customer Relationship Management Online Marketing component in Oracle PeopleSoft Enterprise 8.9 Bundle 26 and 9.0 Bundle 7 allow remote authenticated users to have an unknown impact, aka (1) PSE04 and (2) PSE05.
Oracle Peoplesoft Enterprise 8.9
Oracle Peoplesoft Enterprise 9.0
NA
CVE-2024-24818
EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in "Password Change" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8....
1 Github repository
NA
CVE-2023-47643
SuiteCRM is a Customer Relationship Management (CRM) software application. Prior to version 8.4.2, Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and functions. An attacker can obtain the GraphQL schema and under...
Salesagility Suitecrm 8.4.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »