Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crm vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-43130
An SQL Injection vulnerability exists in Sourcecodester Customer Relationship Management System (CRM) 1.0 via the username parameter in customer/login.php.
Customer Relationship Management System Project Customer Relationship Management System 1.0
10
CVSSv2
CVE-2020-7995
The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts.
Dolibarr Dolibarr Erp/crm 10.0.6
10
CVSSv2
CVE-2013-2093
Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote malicious users to execute arbitrary commands.
Dolibarr Dolibarr Erp/crm 3.3.1
10
CVSSv2
CVE-2014-8661
The SAP CRM Internet Sales module allows remote malicious users to execute arbitrary commands via unspecified vectors.
Sap Customer Relationship Management Internet Sales -
10
CVSSv2
CVE-2014-8669
The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM allows remote malicious users to execute arbitrary code via unspecified vectors.
Sap Customer Relationship Management -
10
CVSSv2
CVE-2013-7095
The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.
Sap Customer Relationship Management 7.02
10
CVSSv2
CVE-2006-5370
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS06 for Oracle CRM Gateway for Mobile Devices and (2) APPS08 for Oracle iStore.
Oracle E-business Suite 11.5.10.2
10
CVSSv2
CVE-2006-0278
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS02 in the (a) CRM Technical Foundation component; (2) APPS03 in the (b) iProcurement component; and (3) APPS04...
Oracle E-business Suite 11.5.9
10
CVSSv2
CVE-2005-3466
Unspecified vulnerability in Enterprise CRM Sales in Oracle 8.81 up to 8.9 has unknown impact and attack vectors, as identified by Oracle Vuln# CRM01.
Oracle Peoplesoft Enterprise Customer Relationship Management 8.81
Oracle Peoplesoft Enterprise Customer Relationship Management
9.3
CVSSv2
CVE-2009-3737
The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote malicious users to execute arbitrary code via a crafted HTML document.
Oracle Siebel Option Pack Ie Activex Control
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »