10 matches found
CVE-2026-29103 SuiteCRM Vulnerable to Remote Code Execution via Module Loader Package Scanner Bypass
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. A Critical Remote Code Execution (RCE) vulnerability exists in SuiteCRM 7.15.0 and 8.9.2, allowing authenticated administrators to execute arbitrary system commands. This vulnerability is a direc...
CVE-2026-29100 SuiteCRM has Reflected HTML Injection in Login Page via default_user_name Parameter
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM 7.15.0 contains a reflected HTML injection vulnerability in the login page that allows attackers to inject arbitrary HTML content, enabling phishing attacks and page defacement. Versio...
Linux Distros Unpatched Vulnerability : CVE-2024-7009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Unsanitized user-input in Calibre <= 7.15.0 allows users with permissions to perform full-text searches to achieve SQL injection on the SQLite database...
Calibre SQL Injection Vulnerability
Calibre is an open source free all-in-one eBook reading management and format conversion tool. Calibre version 7.15.0 and prior versions suffer from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit thi...
UBUNTU-CVE-2024-7008
Unsanitized user-input in Calibre <= 7.15.0 allows attackers to perform reflected cross-site scripting...
CVE-2024-7008 Calibre Reflected Cross-Site Scripting (XSS)
Unsanitized user-input in Calibre <= 7.15.0 allows attackers to perform reflected cross-site scripting...
PT-2024-38026 · Calibre · Calibre
Name of the Vulnerable Software and Affected Versions: Calibre versions prior to 7.15.0 Description: The issue is related to unsanitized user-input, allowing attackers to perform reflected cross-site scripting. Recommendations: For Calibre versions prior to 7.15.0, update to version 7.15.0 or lat...
CVE-2023-22891
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts...
CVE-2023-22891
There exists a privilege escalation vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by authorized users to reset passwords for other accounts...
Gentoo Security Advisory GLSA 200510-19 (cURL)
The remote host is missing updates announced in advisory GLSA 200510-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...