22 matches found
CVE-2025-11946
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...
EUVD-2018-2438
Malware in sbrugna...
EUVD-2025-29620
Malicious code in bioql PyPI...
CVE-2025-10341
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'company' at the endpoint '/clients/client/x...
CVE-2025-10341 HTML injection in Perfex CRM
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'company' at the endpoint '/clients/client/x...
CVE-2025-10341
Summary: CVE-2025-10341 affects Perfex CRM v3.2.1 with a stored HTML injection vulnerability in the /clients/client/x endpoint. The issue arises from insufficient validation of the POST parameter “company,” enabling stored HTML injection. Affected software: Perfex CRM 3.2.1 (web application). Vul...
CVE-2025-56289
code-projects Document Management System 1.0 has a Cross Site Scripting XSS vulnerability, where attackers can leak admin's cookie information by entering malicious XSS code in the Company field when adding files...
CVE-2025-56289
code-projects Document Management System 1.0 has a Cross Site Scripting XSS vulnerability, where attackers can leak admin's cookie information by entering malicious XSS code in the Company field when adding files...
CVE-2025-56289
code-projects Document Management System 1.0 has a Cross Site Scripting XSS vulnerability, where attackers can leak admin's cookie information by entering malicious XSS code in the Company field when adding files...
CVE-2025-56289
code-projects Document Management System 1.0 has a Cross Site Scripting XSS vulnerability, where attackers can leak admin's cookie information by entering malicious XSS code in the Company field when adding files...
Code-Projects Document Management System 安全漏洞
Code-Projects Document Management System is an open source document management system from Code-Projects. A security vulnerability exists in Code-Projects Document Management System version 1.0, which stems from a failure to filter malicious cross-site scripting code in the Company field when...
PT-2025-37995
Name of the Vulnerable Software and Affected Versions: code-projects Document Management System version 1.0 Description: The Document Management System contains a Cross Site Scripting XSS flaw. An attacker can exploit this issue to leak an administrator's cookie information by injecting malicious...
CVE-2025-56289
code-projects Document Management System 1.0 has a Cross Site Scripting XSS vulnerability, where attackers can leak admin's cookie information by entering malicious XSS code in the Company field when adding files...
CVE-2023-45394
Stored Cross-Site Scripting XSS vulnerability in the Company field in the "Request a Quote" Section of Small CRM v3.0 allows an attacker to store and execute malicious javascript code in the Admin panel which leads to Admin account takeover...
CVE-2023-45394
Stored Cross-Site Scripting XSS vulnerability in the Company field in the "Request a Quote" Section of Small CRM v3.0 allows an attacker to store and execute malicious javascript code in the Admin panel which leads to Admin account takeover...
CVE-2023-39712
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section...
CVE-2023-39712
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section...
CVE-2023-39709
Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section...
Inventory Management System 跨站脚本漏洞
Inventory Management System is an inventory management system from the individual developers of stemword. A security vulnerability exists in Free and Open Source Inventory Management System v1.0 that could allow an attacker to execute arbitrary web script or HTML by injecting a crafted payload in...
Simple Customer Relationship Management SQL注入漏洞
Simple Customer Relationship Management Simple CRM is a Simple Customer Relationship Management System by Carlo Montero Personal Developer. A security vulnerability exists in Simple Customer Relationship Management System v1.0, which originates from a SQL injection vulnerability in the company...