Lucene search
K

4 matches found

securityvulns
securityvulns
added 2014/11/03 12:0 a.m.103 views

Multiple vulnerabilities in EspoCRM

Advisory ID: HTB23238 Product: EspoCRM Vendor: http://www.espocrm.com Vulnerable Versions: 2.5.2 and probably prior Tested Version: 2.5.2 Advisory Publication: October 8, 2014 without technical details Vendor Notification: October 8, 2014 Vendor Patch: October 10, 2014 Public Disclosure: October...

10CVSS0.1AI score0.05026EPSS
Exploits5
CVE
CVE
added 2014/10/31 2:0 p.m.55 views

CVE-2014-7986

EspoCRM prior to 2.6.0 is affected by multiple issues via /install/index.php: CVE-2014-7986 allows remote reinstallation by setting installProcess=1 due to improper access control; CVE-2014-7985 enables PHP file inclusion via action parameter leading to potential code execution; CVE-2014-7987 ena...

5CVSS6.5AI score0.02858EPSS
Exploits3References5Affected Software1
0day.today
0day.today
added 2014/10/30 12:0 a.m.84 views

EspoCRM 2.5.2 XSS / LFI / Access Control Vulnerabilities

EspoCRM version 2.5.2 suffers from cross site scripting, local file inclusion, and improper access control vulnerabilities. Product: EspoCRM Vendor: http://www.espocrm.com Vulnerable Versions: 2.5.2 and probably prior Tested Version: 2.5.2 Advisory Publication: October 8, 2014 without technical...

10CVSS6.3AI score0.05026EPSS
Exploits5
Packet Storm
Packet Storm
added 2014/10/29 12:0 a.m.61 views

EspoCRM 2.5.2 XSS / LFI / Access Control

Advisory ID: HTB23238 Product: EspoCRM Vendor: http://www.espocrm.com Vulnerable Versions: 2.5.2 and probably prior Tested Version: 2.5.2 Advisory Publication: October 8, 2014 without technical details Vendor Notification: October 8, 2014 Vendor Patch: October 10, 2014 Public Disclosure: October...

10CVSS0.4AI score0.05026EPSS
Exploits5
Rows per page
Query Builder