Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:24 a.m.10 views

CVE-2013-5692

Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. dot dot in the file parameter to index.php/admin/translationManager...

8.5CVSS6.9AI score0.05791EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2015/02/25 12:0 a.m.35 views

X2Engine < 3.5.1 Multiple Vulnerabilities

According to its version number, the X2Engine application installed on the remote web server is prior to version 3.5.1. It is, therefore, potentially affected by multiple vulnerabilities : - A PHP file inclusion vulnerability exists due to insufficient sanitization of the 'file' HTTP GET paramete...

8.5CVSS5.3AI score0.05791EPSS
Exploits6References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.55 views

X2CRM 3.4.1 - Multiple Vulnerabilities

No description provided by source. Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure:...

8.5CVSS6.4AI score0.05791EPSS
Exploits6
securityvulns
securityvulns
added 2013/10/02 12:0 a.m.62 views

Multiple Vulnerabilities in X2CRM

Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...

8.5CVSS6.2AI score0.05791EPSS
Exploits6
NVD
NVD
added 2013/09/30 10:55 p.m.28 views

CVE-2013-5692

Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. dot dot in the file parameter to index.php/admin/translationManager...

8.5CVSS6.6AI score0.05791EPSS
Exploits5References4
CVE
CVE
added 2013/09/30 8:0 p.m.68 views

CVE-2013-5692

CVE-2013-5692 affects X2CRM/X2Engine before 3.5. A PHP file inclusion flaw arises from insufficient sanitization of the file parameter in /index.php/admin/translationManager, allowing a remote authenticated administrator to traverse directories and include/execute local files. Public details conf...

8.5CVSS6.7AI score0.05791EPSS
Exploits5References4Affected Software1
exploitpack
exploitpack
added 2013/09/25 12:0 a.m.67 views

X2CRM 3.4.1 - Multiple Vulnerabilities

X2CRM 3.4.1 - Multiple Vulnerabilities Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure:...

8.5CVSS0.2AI score0.05791EPSS
Exploits6
0day.today
0day.today
added 2013/09/25 12:0 a.m.70 views

X2CRM 3.4.1 - Multiple Vulnerabilities

Exploit for php platform in category web applications Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September...

8.5CVSS6.5AI score0.05791EPSS
Exploits6
Exploit DB
Exploit DB
added 2013/09/25 12:0 a.m.72 views

X2CRM 3.4.1 - Multiple Vulnerabilities

Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...

8.5CVSS6.4AI score0.05791EPSS
Exploits6
Packet Storm
Packet Storm
added 2013/09/25 12:0 a.m.86 views

X2CRM 3.4.1 Cross Site Scripting / Local File Inclusion

Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure: September 25, 2013 Vulnerability Type: PH...

8.5CVSS6.5AI score0.05791EPSS
Exploits6
Rows per page
Query Builder