Lucene search
K

4 matches found

securityvulns
securityvulns
added 2014/11/03 12:0 a.m.103 views

Multiple vulnerabilities in EspoCRM

Advisory ID: HTB23238 Product: EspoCRM Vendor: http://www.espocrm.com Vulnerable Versions: 2.5.2 and probably prior Tested Version: 2.5.2 Advisory Publication: October 8, 2014 without technical details Vendor Notification: October 8, 2014 Vendor Patch: October 10, 2014 Public Disclosure: October...

10CVSS0.1AI score0.05026EPSS
Exploits5
Cvelist
Cvelist
added 2014/10/31 2:0 p.m.33 views

CVE-2014-7985

Directory traversal vulnerability in EspoCRM before 2.6.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the action parameter to install/index.php...

7AI score0.05026EPSS
Exploits3References5
0day.today
0day.today
added 2014/10/30 12:0 a.m.84 views

EspoCRM 2.5.2 XSS / LFI / Access Control Vulnerabilities

EspoCRM version 2.5.2 suffers from cross site scripting, local file inclusion, and improper access control vulnerabilities. Product: EspoCRM Vendor: http://www.espocrm.com Vulnerable Versions: 2.5.2 and probably prior Tested Version: 2.5.2 Advisory Publication: October 8, 2014 without technical...

10CVSS6.3AI score0.05026EPSS
Exploits5
Packet Storm
Packet Storm
added 2014/10/29 12:0 a.m.61 views

EspoCRM 2.5.2 XSS / LFI / Access Control

Advisory ID: HTB23238 Product: EspoCRM Vendor: http://www.espocrm.com Vulnerable Versions: 2.5.2 and probably prior Tested Version: 2.5.2 Advisory Publication: October 8, 2014 without technical details Vendor Notification: October 8, 2014 Vendor Patch: October 10, 2014 Public Disclosure: October...

10CVSS0.4AI score0.05026EPSS
Exploits5
Rows per page
Query Builder