Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zurmo zurmo crm vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2017-7188
Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a base64-encoded SCRIPT element within a data: URL in the returnUrl parameter to default/toggleCollapse.
Zurmo Zurmo Crm
1 Github repository
436
VMScore
CVE-2017-16569
An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an http: URL in the redirectUrl parameter to app/index.php/meetings/default/createMeeting.
Zurmo Zurmo Crm 3.2.1.57987acc3018
312
VMScore
CVE-2017-18004
Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps/default/mapAndPoint.
Zurmo Zurmo Crm 3.2.3
2 Github repositories
312
VMScore
CVE-2017-15039
Cross-site scripting (XSS) exists in Zurmo 3.2.1.57987acc3018 via a data: URL in the redirectUrl parameter to app/index.php/meetings/default/createMeeting.
Zurmo Zurmo Crm 3.2.1.57987acc3018
312
VMScore
CVE-2015-5365
Cross-site scripting (XSS) vulnerability in Zurmo CRM 3.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "What's going on?" profile field.
Zurmo Zurmo Crm 3.0.2
383
VMScore
CVE-2018-16654
Zurmo 3.2.4 Stable allows XSS via app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1.
Zurmo Zurmo Crm 3.2.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started