
10 matches found

OSV
added 2026/03/19 10:54 p.m. | 3 views

CVE-2026-29103 SuiteCRM Vulnerable to Remote Code Execution via Module Loader Package Scanner Bypass

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. A Critical Remote Code Execution (RCE) vulnerability exists in SuiteCRM 7.15.0 and 8.9.2, allowing authenticated administrators to execute arbitrary system commands. This vulnerability is a direc...

CVSS 9.1 | AI score 6.2 | EPSS 0.00497
Exploits: 0 | References: 4
Vulnrichment
added 2026/03/19 10:48 p.m. | 2 views

CVE-2026-29100 SuiteCRM has Reflected HTML Injection in Login Page via default_user_name Parameter

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM 7.15.0 contains a reflected HTML injection vulnerability in the login page that allows attackers to inject arbitrary HTML content, enabling phishing attacks and page defacement. Versio...

CVSS 7.1 | AI score 5.9 | EPSS 0.00164
Exploits: 0 | References: 1
Tenable Nessus
added 2025/08/30 12:00 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2024-7009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unsanitized user-input in Calibre <= 7.15.0 allow users with permissions to perform full-text searches to achieve SQL injection on the SQLite database...

CVSS 7.1 | AI score 5.9 | EPSS 0.13922
Exploits: 1 | References: 2
CNVD
added 2024/08/09 12:00 a.m. | 7 views

Calibre SQL Injection Vulnerability

Calibre is an open source free all-in-one eBook reading management and format conversion tool. Calibre version 7.15.0 and prior versions suffer from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit thi...

CVSS 7.1 | AI score 7.7 | EPSS 0.13922
Exploits: 1 | References: 1
OSV
added 2024/08/06 4:16 a.m. | 0 views

UBUNTU-CVE-2024-7008

Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform reflected cross-site scripting...

CVSS 6.1 | AI score 5.5 | EPSS 0.2406
Exploits: 1 | References: 5
Vulnrichment
added 2024/08/06 3:40 a.m. | 24 views

CVE-2024-7008 Calibre Reflected Cross-Site Scripting (XSS)

Unsanitized user-input in Calibre <= 7.15.0 allow attackers to perform reflected cross-site scripting...

CVSS 5.4 | AI score 6.5 | EPSS 0.2406
Exploits: 1 | References: 2
Positive Technologies
added 2024/08/06 12:00 a.m. | 1 views

PT-2024-38026 · Calibre · Calibre

Name of the Vulnerable Software and Affected Versions: Calibre versions prior to 7.15.0 Description: The issue is related to unsanitized user-input, allowing attackers to perform reflected cross-site scripting. Recommendations: For Calibre versions prior to 7.15.0, update to version 7.15.0 or lat...

CVSS 6.1 | AI score 6.5 | EPSS 0.2406
Exploits: 1 | References: 13
NVD
added 2023/03/08 9:15 p.m. | 11 views

CVE-2023-22891

There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts...

CVSS 8.1 | AI score 8.2 | EPSS 0.00509
Exploits: 0 | References: 1
Cvelist
added 2023/03/08 12:00 a.m. | 13 views

CVE-2023-22891

There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts...

AI score 8.4 | EPSS 0.00509
Exploits: 0 | References: 1
OpenVAS
added 2008/09/24 12:00 a.m. | 30 views

Gentoo Security Advisory GLSA 200510-19 (cURL)

The remote host is missing updates announced in advisory GLSA 200510-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 7.5 | AI score 0.1 | EPSS 0.05188
Exploits: 0