EUVD-2019-5468

Malware in sbrugna...

EUVD-2020-7929

Malware in sbrugna...

CVE-2019-14221

1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation...

CVE-2020-15958

An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenticated request with a predictable URL...

Design/Logic Flaw

An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenticated request with a predictable URL...

CVE-2020-15958

CVE-2020-15958 affects 1CRM System up to version 8.6.7. It exposes an insecure direct object reference to internally stored files, enabling an unauthenticated remote attacker to access sensitive information via a predictable URL. The advisory in PacketStorm (ARA-2020-005) cites CVSS v3 score 8.6 ...

CVE-2020-15958

An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenticated request with a predictable URL...

CVE-2019-14221

1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation...

Cross site scripting

1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation...

CVE-2019-14221

1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation...

CVE-2019-14221

1CRM On-Premise Software 8.5.7 is affected by a Cross-Site Scripting vulnerability triggered by a payload mishandled during a Run Report operation. The issue is described across CVE-2019-14221 entries (NVD, RH, CNVD, PRION) as XSS, with some references labeling it stored/persistent. Public disclo...

1CRM On-Premise Software 8.5.7 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications 1CRM On-Premise Software 8.5.7 Stored XSS //////////////////////////////////////////////////////////////////////////////////// Exploit Title: 1CRM On-Premise Software 8.5.7 - Cross-Site Scripting Date: 19/07/2019 Exploit Author: Kusol...

1CRM On-Premise Software 8.5.7 Cross Site Scripting

1CRM On-Premise Software 8.5.7 Stored XSS //////////////////////////////////////////////////////////////////////////////////// Exploit Title: 1CRM On-Premise Software 8.5.7 - Cross-Site Scripting Date: 19/07/2019 Exploit Author: Kusol Watchara-Apanukorn Vendor Homepage: https://1crm.com/ Version:...

1CRM On-Premise Software 8.5.7 - Persistent Cross-Site Scripting

1CRM On-Premise Software 8.5.7 Stored XSS //////////////////////////////////////////////////////////////////////////////////// Exploit Title: 1CRM On-Premise Software 8.5.7 - Cross-Site Scripting Date: 19/07/2019 Exploit Author: Kusol Watchara-Apanukorn Vendor Homepage: https://1crm.com/ Version:...