Lucene search
K

103 matches found

Packet Storm
Packet Storm
•added 2021/06/22 12:0 a.m.•104 views

Customer Relationship Management System 1.0 Remote Code Execution

Exploit Title: Customer Relationship Management System CRM 1.0 - Remote Code Execution Date: 21.06.2021 Exploit Author: Ishan Saha Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

0.1AI score
Exploits0
CNVD
CNVD
•added 2021/06/21 12:0 a.m.•1 views

07FLY-CRM Customer Management System v1.2 suffers from SQL injection vulnerability (CNVD-2021-46819)

07FLY-CRM is a domestic open source general-purpose customer management system for various industries , mainly for small and medium-sized sales / after-sales service team . 07FLY-CRM customer management system v1.2 SQL injection vulnerability , attackers can exploit the vulnerability to obtain...

7.5AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/06/21 12:0 a.m.•432 views

Customer Relationship Management System (CRM) 1.0 - Remote Code Execution

Exploit Title: Customer Relationship Management System CRM 1.0 - Remote Code Execution Date: 21.06.2021 Exploit Author: Ishan Saha Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
CNVD
CNVD
•added 2021/06/18 12:0 a.m.•7 views

07FLY-CRM Customer Management System suffers from SQL Injection Vulnerability

Zero take-off CRM management system 07FLY-CRM, based on the GPLv3 protocol release, for small and medium-sized enterprise management activities, currently provides customer relationship management CRM, sales and purchase inventory JXC and so on. A SQL injection vulnerability exists in the 07FLY-C...

7.5AI score
Exploits0
Exploit DB
Exploit DB
•added 2021/05/17 12:0 a.m.•255 views

Customer Relationship Management (CRM) System 1.0 - 'Category' Persistent Cross site Scripting

Exploit Title: Customer Relationship Management CRM System 1.0 - 'Category' Persistent Cross site Scripting Date: 14-05-2021 Exploit Author: Vani K G Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
•added 2021/05/12 12:0 a.m.•34 views

Customer Relationship Management (CRM) System 1.0 SQL Injection Vulnerability

Exploit Title: Customer Relationship Management CRM System 1.0 - Admin Bypass SQLi Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
•added 2021/05/12 12:0 a.m.•29 views

Customer Relationship Management (CRM) System 1.0 Cross Site Scripting Vulnerability

Exploit Title: Customer Relationship Management CRM System 1.0 - Stored XSS Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
•added 2021/05/12 12:0 a.m.•71 views

Customer Relationship Management (CRM) System 1.0 Shell Upload Vulnerability

Exploit Title: Customer Relationship Management CRM Unrestricted File Upload unauthenticated Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

Exploits0
Packet Storm
Packet Storm
•added 2021/05/11 12:0 a.m.•228 views

Customer Relationship Management (CRM) System 1.0 SQL Injection

Exploit Title: Customer Relationship Management CRM System 1.0 - Admin Bypass SQLi Date: 11/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/05/11 12:0 a.m.•176 views

Customer Relationship Management (CRM) System 1.0 Cross Site Scripting

Exploit Title: Customer Relationship Management CRM System 1.0 - Stored XSS Date: 11/05/2021 Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/14794/customer-relationship-management-crm-system-php-source-code.html Software Link:...

Exploits0
CNVD
CNVD
•added 2021/04/07 12:0 a.m.•4 views

Hubei dot dot dot Technology Co., Ltd. to help the management of CRM customer management system there are SQL injection vulnerabilities

The HelpManager CRM customer management system is a general-purpose customer relationship management system for small and medium-sized enterprises. The CRM customer management system of Hubei DotDotTech Co., Ltd. suffers from a SQL injection vulnerability, which can be exploited by attackers to...

7.5AI score
Exploits0
CNVD
CNVD
•added 2020/12/08 12:0 a.m.•3 views

SQL Injection Vulnerability in CRM System E4/Standard Edition of Pengwei Software Co.

Ltd. was founded in May 2004, headquartered in Shenzhen, China, has more than forty service organizations across the country, is a member of Shenzhen Software Association. It is one of the early domestic enterprises focusing on crm software research and development, and comprehensively provides...

7.8AI score
Exploits0
NVD
NVD
•added 2019/09/18 9:15 p.m.•16 views

CVE-2019-15301

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...

9.8CVSS9.9AI score0.01468EPSS
Exploits0References1
OSV
OSV
•added 2019/09/18 9:15 p.m.•3 views

CVE-2019-15301

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...

9.8CVSS7.6AI score0.01468EPSS
Exploits0References1
Prion
Prion
•added 2019/09/18 9:15 p.m.•19 views

Sql injection

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...

7.5CVSS9.8AI score0.01468EPSS
Exploits0References1Affected Software1
CVE
CVE
•added 2019/09/18 8:59 p.m.•107 views

CVE-2019-15301

The CVE-2019-15301 entry concerns a SQL injection in Terrasoft Bpm’online CRM-System SDK 7.13, specifically in Terrasoft.Core.DB.Column.Const(). An attacker can inject arbitrary SQL via the value parameter. Supported details indicate a NETWORK attack with LOW complexity and no authentication, lea...

9.8CVSS9.8AI score0.01468EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
•added 2019/09/18 8:59 p.m.•22 views

CVE-2019-15301

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...

10AI score0.01468EPSS
Exploits0References1
Hacker One
Hacker One
•added 2018/03/10 11:53 a.m.•26 views

Upserve : Blind stored xss in demo form

Through Upserve's demo request form, @pareshparmar found a blind XSS in a 3rd party package for Upserve's CRM system. While the CRM system and 3rd party package are out of scope for our program, we decided to reward @pareshparmar for his work in bringing this issue to our attention. - Endpoint...

1.2AI score
Exploits0
CNVD
CNVD
•added 2017/02/26 12:0 a.m.•1 views

SQL Injection Vulnerability in 'name' Parameter of Single Point CRM System

Single point CRM system is a single point of technology development , based on the GPLv3 agreement issued for small and medium-sized management activities , to provide customer relationship management CRM, sales and marketing inventory JXC, human resources HRM, logistics office supplies , fixed...

7.6AI score
Exploits0
ripstech
ripstech
•added 2016/12/15 11:0 a.m.•23 views

Guest Post: Vtiger 6.5.0 - SQL Injection

RIPS Analysis RIPS analyzed the 27,371 files with around 650,000 lines of code in only 6 minutes. Due to the nature of a CRM system, it is necessary to have a valid user account to access any of the provided features. Nevertheless, the discovered issues allowed low-privileged users to access high...

7AI score
Exploits0
Rows per page
Query Builder