Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
customer relationship management vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-4121
yetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Yetiforce Yetiforce Customer Relationship Management
NA
CVE-2023-5020
A vulnerability, which was classified as critical, has been found in 07FLY CRM V2. This issue affects some unknown processing of the file /index.php/sysmanage/Login/login_auth/ of the component Administrator Login Page. The manipulation of the argument account leads to sql inject...
07fly Customer Relationship Management 2.0
NA
CVE-2022-2829
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm before 6.4.0.
Yetiforce Yetiforce Customer Relationship Management
10
CVSSv2
CVE-2013-7095
The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.
Sap Customer Relationship Management 7.02
2.1
CVSSv2
CVE-2021-37468
NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files.
Nch Reflect Customer Relationship Management
NA
CVE-2022-3004
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm before 6.4.0.
Yetiforce Yetiforce Customer Relationship Management
NA
CVE-2022-3005
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm before 6.4.0.
Yetiforce Yetiforce Customer Relationship Management
NA
CVE-2022-2885
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm before 6.4.0.
Yetiforce Yetiforce Customer Relationship Management
NA
CVE-2022-2890
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm before 6.4.0.
Yetiforce Yetiforce Customer Relationship Management
4.3
CVSSv2
CVE-2022-1411
Unrestructed file upload in GitHub repository yetiforcecompany/yetiforcecrm before 6.4.0. Attacker can send malicious files to the victims is able to retrieve the stored data from the web application without that data being made safe to render in the browser and steals victim...
Yetiforce Yetiforce Customer Relationship Management
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »