103 matches found
Customer Relationship Management System 1.0 Remote Code Execution
Exploit Title: Customer Relationship Management System CRM 1.0 - Remote Code Execution Date: 21.06.2021 Exploit Author: Ishan Saha Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
07FLY-CRM Customer Management System v1.2 suffers from SQL injection vulnerability (CNVD-2021-46819)
07FLY-CRM is a domestic open source general-purpose customer management system for various industries , mainly for small and medium-sized sales / after-sales service team . 07FLY-CRM customer management system v1.2 SQL injection vulnerability , attackers can exploit the vulnerability to obtain...
Customer Relationship Management System (CRM) 1.0 - Remote Code Execution
Exploit Title: Customer Relationship Management System CRM 1.0 - Remote Code Execution Date: 21.06.2021 Exploit Author: Ishan Saha Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
07FLY-CRM Customer Management System suffers from SQL Injection Vulnerability
Zero take-off CRM management system 07FLY-CRM, based on the GPLv3 protocol release, for small and medium-sized enterprise management activities, currently provides customer relationship management CRM, sales and purchase inventory JXC and so on. A SQL injection vulnerability exists in the 07FLY-C...
Customer Relationship Management (CRM) System 1.0 - 'Category' Persistent Cross site Scripting
Exploit Title: Customer Relationship Management CRM System 1.0 - 'Category' Persistent Cross site Scripting Date: 14-05-2021 Exploit Author: Vani K G Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Customer Relationship Management (CRM) System 1.0 SQL Injection Vulnerability
Exploit Title: Customer Relationship Management CRM System 1.0 - Admin Bypass SQLi Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
Customer Relationship Management (CRM) System 1.0 Cross Site Scripting Vulnerability
Exploit Title: Customer Relationship Management CRM System 1.0 - Stored XSS Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
Customer Relationship Management (CRM) System 1.0 Shell Upload Vulnerability
Exploit Title: Customer Relationship Management CRM Unrestricted File Upload unauthenticated Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
Customer Relationship Management (CRM) System 1.0 SQL Injection
Exploit Title: Customer Relationship Management CRM System 1.0 - Admin Bypass SQLi Date: 11/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
Customer Relationship Management (CRM) System 1.0 Cross Site Scripting
Exploit Title: Customer Relationship Management CRM System 1.0 - Stored XSS Date: 11/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...
Hubei dot dot dot Technology Co., Ltd. to help the management of CRM customer management system there are SQL injection vulnerabilities
The HelpManager CRM customer management system is a general-purpose customer relationship management system for small and medium-sized enterprises. The CRM customer management system of Hubei DotDotTech Co., Ltd. suffers from a SQL injection vulnerability, which can be exploited by attackers to...
SQL Injection Vulnerability in CRM System E4/Standard Edition of Pengwei Software Co.
Ltd. was founded in May 2004, headquartered in Shenzhen, China, has more than forty service organizations across the country, is a member of Shenzhen Software Association. It is one of the early domestic enterprises focusing on crm software research and development, and comprehensively provides...
CVE-2019-15301
A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...
CVE-2019-15301
A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...
Sql injection
A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...
CVE-2019-15301
The CVE-2019-15301 entry concerns a SQL injection in Terrasoft Bpmāonline CRM-System SDK 7.13, specifically in Terrasoft.Core.DB.Column.Const(). An attacker can inject arbitrary SQL via the value parameter. Supported details indicate a NETWORK attack with LOW complexity and no authentication, lea...
CVE-2019-15301
A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...
Upserve : Blind stored xss in demo form
Through Upserve's demo request form, @pareshparmar found a blind XSS in a 3rd party package for Upserve's CRM system. While the CRM system and 3rd party package are out of scope for our program, we decided to reward @pareshparmar for his work in bringing this issue to our attention. - Endpoint...
SQL Injection Vulnerability in 'name' Parameter of Single Point CRM System
Single point CRM system is a single point of technology development , based on the GPLv3 agreement issued for small and medium-sized management activities , to provide customer relationship management CRM, sales and marketing inventory JXC, human resources HRM, logistics office supplies , fixed...
Guest Post: Vtiger 6.5.0 - SQL Injection
RIPS Analysis RIPS analyzed the 27,371 files with around 650,000 lines of code in only 6 minutes. Due to the nature of a CRM system, it is necessary to have a valid user account to access any of the provided features. Nevertheless, the discovered issues allowed low-privileged users to access high...