14 matches found
EUVD-2023-44389
Malicious code in bioql PyPI...
CVE-2025-40991 Stored XSS in Creativeitem Ekushey CRM
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...
CVE-2025-40989 Stored XSS in Creativeitem Ekushey CRM
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectmessage/add/xxx", affecting to "message" parameter via POST. This vulnerability could allow a remote attacker to send a speciall...
CVE-2025-40989 Stored XSS in Creativeitem Ekushey CRM
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectmessage/add/xxx", affecting to "message" parameter via POST. This vulnerability could allow a remote attacker to send a speciall...
Creativeitem Ekushey CRM 跨站脚本漏洞
Creativeitem Ekushey CRM is an open source project management script by Creativeitem. A cross-site scripting vulnerability exists in Creativeitem Ekushey CRM that stems from insufficient validation of user input and could lead to a stored cross-site scripting attack...
Creativeitem Ekushey CRM 跨站脚本漏洞
Creativeitem Ekushey CRM is an open source project management script from Creativeitem. A cross-site scripting vulnerability exists in Creativeitem Ekushey CRM version 5.0, which stems from a lack of user input validation and could lead to a stored cross-site scripting attack...
Creativeitem Ekushey CRM 跨站脚本漏洞
Creativeitem Ekushey CRM is an open source project management script from Creativeitem. A cross-site scripting vulnerability exists in Creativeitem Ekushey CRM version 5.0, which stems from a lack of input validation for the title and description parameters and could lead to a stored cross-site...
Creativeitem Ekushey CRM 跨站脚本漏洞
Creativeitem Ekushey CRM is an open source project management script from Creativeitem. A cross-site scripting vulnerability exists in Creativeitem Ekushey CRM version 5.0, which stems from a lack of user input validation and could lead to a stored cross-site scripting attack...
CVE-2023-3754
A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/messageread/xxxxxxxxrandom-msg-hash. The manipulation of the argument message leads to cross site scripting. It is...
SUSE CVE-2023-3754
A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/messageread/xxxxxxxxrandom-msg-hash. The manipulation of the argument message leads to cross site scripting. It is...
CVE-2023-3754
A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/messageread/xxxxxxxxrandom-msg-hash. The manipulation of the argument message leads to cross site scripting. It is...
Cross site scripting
A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/messageread/xxxxxxxxrandom-msg-hash. The manipulation of the argument message leads to cross site scripting. It is...
CVE-2023-3754 Creativeitem Ekushey Project Manager CRM xxxxxxxx[random-msg-hash] cross site scripting
A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/messageread/xxxxxxxxrandom-msg-hash. The manipulation of the argument message leads to cross site scripting. It is...
CVE-2023-3754
CVE-2023-3754 affects Creativeitem Ekushey Project Manager CRM 5.0. A cross-site scripting vulnerability exists in an unknown function of the file /index.php/client/message/message_read/xxxxxxxx[random-msg-hash], where manipulating the message parameter enables remote XSS. The primary documents d...