15783 matches found
CVE-2025-10344
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'clientid' at the endpoint '/projects/project/x'...
CVE-2025-10341
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'company' at the endpoint '/clients/client/x...
CVE-2025-10345
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'address' at the endpoint 'admin/leads/lead'...
CVE-2025-10345
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'address' at the endpoint 'admin/leads/lead'...
CVE-2025-10346
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'subject' at the endpoint 'knoewledgebase/article'...
CVE-2025-10342
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'name' at the endpoint '/subscriptions/create'...
CVE-2025-10343
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'expensename' at the endpoint '/expenses/expense'...
CVE-2025-10344
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'clientid' at the endpoint '/projects/project/x'...
CVE-2025-10342
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'name' at the endpoint '/subscriptions/create'...
CVE-2025-10343
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'expensename' at the endpoint '/expenses/expense'...
CVE-2025-10344
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'clientid' at the endpoint '/projects/project/x'...
CVE-2025-10341
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'company' at the endpoint '/clients/client/x...
CVE-2025-10341
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'company' at the endpoint '/clients/client/x...
CVE-2025-10346
CVE-2025-10346 affects Perfex CRM v3.2.1 with a stored HTML injection in the knowledge_base/article endpoint. The vulnerability arises from insufficient input validation of the subject parameter, allowing an attacker to inject arbitrary HTML via a POST request. Multiple sources corroborate this: ...
CVE-2025-10345 HTML injection in Perfex CRM
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'address' at the endpoint 'admin/leads/lead'...
CVE-2025-10345
CVE-2025-10345 affects Perfex CRM in version 3.2.1. The issue is a stored HTML injection caused by insufficient validation of user input in the POST request to /admin/leads/lead, with malicious HTML supplied via the name and address parameters. Impact is described as stored HTML injection; exploi...
CVE-2025-10344 HTML injection in Perfex CRM
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'clientid' at the endpoint '/projects/project/x'...
CVE-2025-10344 HTML injection in Perfex CRM
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'clientid' at the endpoint '/projects/project/x'...
CVE-2025-10344
CVE-2025-10344 describes a stored HTML-injection vulnerability in Perfex CRM v3.2.1. The issue arises from insufficient validation of user input in the API at the endpoint /projects/project/x, where HTML can be injected via the POST parameters named, clientid. The core impact is stored HTML injec...
CVE-2025-10343
CVE-2025-10343 describes a stored HTML injection in Perfex CRM v3.2.1 caused by insufficient validation of user input. An attacker can inject HTML by sending a POST request to the /expenses/expense endpoint, with the malicious content in the expense_name parameter. The connected sources confirm P...