In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution.
9.8CVSS
9.8AI Score
0.214EPSS
Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component ./clients/client via the company name parameter.
5.4CVSS
5.2AI Score
0.001EPSS
5.4CVSS
5.3AI Score
0.001EPSS