29 matches found
EUVD-2017-0270
Malware in sbrugna...
EUVD-2018-6315
Malware in sbrugna...
EUVD-2018-6316
Malware in sbrugna...
EUVD-2018-6314
Malware in sbrugna...
bittytax (=0.5.2), creme-crm (>=2.3.1 <=2.6.20) +22 more potentially affected by CVE-2024-25885 via xhtml2pdf (>=0.0.6 <=0.2.16)
xhtml2pdf PYPI version =0.0.6, =2.3.1, =0.3.0, =1.0.0, =1.0.3, =1.0.2, =1.0.3, =0.1.132, =1.6.0, =3.0.0, =0.1.11, =0.1.10, =0.1.11 and more Source cves: CVE-2024-25885 Source advisory: OSV:GHSA-JJ5C-HHRG-VV5H...
creme-gewinnen.de Cross Site Scripting vulnerability OBB-3033629
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Creme CRM Cross-Site Scripting Vulnerability (CNVD-2019-17467)
Creme CRM is a customer relationship management system. The system features sales automation, customer service and sending and receiving e-mail. A cross-site scripting vulnerability exists in the organization creation page in Creme CRM version 1.6.12, which can be exploited by remote attackers to...
Creme CRM Cross-Site Scripting Vulnerability
Creme CRM is a customer relationship management system. The system features sales automation, customer service and sending and receiving e-mail. A cross-site scripting vulnerability exists in the salesman creation page in Creme CRM version 1.6.12, which can be exploited by remote attackers to...
Cross site scripting
An issue was discovered in Creme CRM 1.6.12. The organization creation page is affected by 9 stored cross-site scripting vulnerabilities involving the name, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...
Design/Logic Flaw
An issue was discovered in Creme CRM 1.6.12. The value of the cancel button uses the content of the HTTP Referer header, and could be used to trick a user into visiting a fake login page in order to steal credentials...
CVE-2018-14397
An issue was discovered in Creme CRM 1.6.12. The organization creation page is affected by 9 stored cross-site scripting vulnerabilities involving the name, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...
CVE-2018-14398
An issue was discovered in Creme CRM 1.6.12. The value of the cancel button uses the content of the HTTP Referer header, and could be used to trick a user into visiting a fake login page in order to steal credentials...
CVE-2018-14396
An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...
Cross site scripting
An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...
CVE-2018-14396
An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...
CVE-2018-14398
An issue was discovered in Creme CRM 1.6.12. The value of the cancel button uses the content of the HTTP Referer header, and could be used to trick a user into visiting a fake login page in order to steal credentials...
CVE-2018-14397
An issue was discovered in Creme CRM 1.6.12. The organization creation page is affected by 9 stored cross-site scripting vulnerabilities involving the name, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...
CVE-2018-14397
An issue was discovered in Creme CRM 1.6.12. The organization creation page is affected by 9 stored cross-site scripting vulnerabilities involving the name, billingaddress-address, billingaddress-zipcode, billingaddress-city, billingaddress-department, shippingaddress-address,...
CVE-2018-14398
The CVE-2018-14398 entry affects Creme CRM 1.6.12: the cancel button’s value is sourced from the HTTP Referer header, enabling potential redirection to a fraudulent login page to steal credentials. Affected component: web UI logic handling cancel navigation; root cause: using Referer content in U...
CVE-2018-14397
CVE-2018-14397 affects Creme CRM 1.6.12. The organization creation page is affected by 9 stored cross-site scripting vulnerabilities impacting parameters including name, billing_address-address, billing_address-zipcode, billing_address-city, billing_address-department, shipping_address-address, s...