140 matches found
Exploit for CVE-2026-38526
CVE-2026-38526 | Krayin CRM v2.2.x Authenticated RCE - Unrestr...
Webkul Krayin CRM is Vulnerable to Cross-Site Scripting in the /admin/activities/create endpoint
Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...
EUVD-2026-28390
Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...
GHSA-J822-46R5-H4QX Webkul Krayin CRM is Vulnerable to Cross-Site Scripting in the /admin/activities/create endpoint
Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...
Cross-site Scripting (XSS)
Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Cross-site Scripting XSS via unsanitized input in th...
CVE-2026-36341
Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...
CVE-2026-36341
Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...
CVE-2026-36341
Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...
CVE-2026-36341
CVE-2026-36341 : Webkul Krayin CRM 2.1.5 contains a Cross-Site Scripting (XSS) flaw in the comment input during Activity creation via the /admin/activities/create endpoint. The root cause is inadequate sanitization of user-supplied input in the comment field. The CVSS v3.1 base score is 5.4 (Medi...
Webkul Krayin CRM 跨站脚本漏洞
Webkul Krayin CRM is a free and open-source CRM solution for small and medium-sized businesses developed by the Indian company Webkul. Version 2.1.5 of Webkul Krayin CRM contains a cross-site scripting vulnerability. This vulnerability arises from the lack of cleanup of user input during the...
CVE-2026-36341
Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...
GHSA-32PX-CCFX-CXQ3 Krayin CRM allows a remote attacker to execute arbitrary code via compose email function
An issue in Krayin CRM v.2.1.5, which was fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
Krayin CRM allows a remote attacker to execute arbitrary code via compose email function
An issue in Krayin CRM v.2.1.5, which was fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
Arbitrary Code Injection
Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Arbitrary Code Injection via the compose email...
CVE-2026-36340
An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
Exploit for CVE-2026-36340
CVE-2026-36340 Remote Code Execution RCE Vulnerability in Kr...
CVE-2026-36340
An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
PT-2026-36116
An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
CVE-2026-36340
An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
Webkul Krayin CRM 代码注入漏洞
Webkul Krayin CRM is a free and open-source CRM solution for small and medium-sized businesses developed by the Indian company Webkul. Version 2.1.5 of Webkul Krayin CRM contains a code injection vulnerability, which stems from issues with the compose email function. This vulnerability could allo...