5 matches found
CVE-2024-56908
In Perfex Crm 3.2.1, an authenticated attacker can send a crafted HTTP POST request to the affected uploadsalesfile endpoint. By providing malicious input in the relid parameter, combined with improper input validation, the attacker can bypass restrictions and upload arbitrary files to directorie...
CVE-2024-56908
In Perfex Crm 3.2.1, an authenticated attacker can send a crafted HTTP POST request to the affected uploadsalesfile endpoint. By providing malicious input in the relid parameter, combined with improper input validation, the attacker can bypass restrictions and upload arbitrary files to directorie...
CVE-2024-56908
In Perfex Crm 3.2.1, an authenticated attacker can send a crafted HTTP POST request to the affected uploadsalesfile endpoint. By providing malicious input in the relid parameter, combined with improper input validation, the attacker can bypass restrictions and upload arbitrary files to directorie...
CVE-2024-56908
Perfex CRM versions before 3.2.1 are affected by CVE-2024-56908. An authenticated attacker can issue a crafted HTTP POST to the upload_sales_file endpoint and supply malicious input in the rel_id parameter, taking advantage of improper input validation to bypass restrictions and upload arbitrary ...
CVE-2024-56908
In Perfex Crm 3.2.1, an authenticated attacker can send a crafted HTTP POST request to the affected uploadsalesfile endpoint. By providing malicious input in the relid parameter, combined with improper input validation, the attacker can bypass restrictions and upload arbitrary files to directorie...