133 matches found
CVE-2025-3219
A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...
CVE-2025-3219
A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...
CVE-2025-3219 CodeCanyon Perfex CRM Project Discussions Module 2 cross site scripting
A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...
CVE-2025-3219
The CVE-2025-3219 entry concerns CodeCanyon Perfex CRM 3.2.1. Affected is an unknown function in the file /perfex/clients/project/2 within the Project Discussions Module. The issue is a cross‑site scripting vulnerability triggered by manipulation of the argument description, with remote exploitat...
PT-2025-14865 · Unknown · Codecanyon Perfex Crm
Name of the Vulnerable Software and Affected Versions: CodeCanyon Perfex CRM version 3.2.1 Description: A vulnerability was found in CodeCanyon Perfex CRM. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project...
CVE-2024-55228
creationtimestamp| type| source ---|---|--- 2025-01-25 04:09:52+00:00| exploited| https://gist.github.com/Dqtdqt/a942bbce9a5fc851dce366902411c768 2025-01-27 16:36:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113901292435622561 2025-01-27 17:16:06+00:00| seen|...
CVE-2025-21210
creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:17:15+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpud2edey2j 2025-01-14 18:41:01+00:00| seen|...
CVE-2024-56778
creationtimestamp| type| source ---|---|--- 2025-01-08 18:07:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113794066477382175 2025-01-08 18:16:00+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfarhbw3s52f 2025-01-08 18:21:31+00:00| seen|...
CVE-2024-56521
creationtimestamp| type| source ---|---|--- 2024-12-27 04:32:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113722915496819427 2024-12-27 04:37:29+00:00| seen| https://infosec.exchange/users/cve/statuses/113722933165201992 2024-12-27 05:15:44+00:00| seen|...
CVE-2024-12846
creationtimestamp| type| source ---|---|--- 2024-12-21 05:05:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113689069906563464 2024-12-21 05:15:34+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lds5h6jcmv2z 2024-12-21 06:58:14+00:00| seen|...
CVE-2024-43594
creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 17:53:46+00:00| seen| https://infosec.exchange/users/cve/statuses/113629799580426668 2025-01-07 16:45:47+00:00| seen|...
CVE-2024-8068
creationtimestamp| type| source ---|---|--- 2024-11-12 16:21:28+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113470897346004162 2024-11-12 19:44:07+00:00| seen| https://t.me/cvedetector/10675 2024-11-12 21:23:09+00:00| seen|...
CVE-2024-48093
Unrestricted File Upload in the Discussions tab in Operately v.0.1.0 allows a privileged user to achieve Remote Code Execution via uploading and executing malicious files without validating file extensions or content types...
CVE-2024-48093
CVE-2024-48093 affects Operately v0.1.0. The vulnerability is an unrestricted file upload in the Discussions tab that allows a privileged user to achieve Remote Code Execution by uploading and executing malicious files without validating file extensions or content types. Public sources in the con...
CVE-2024-48093
Unrestricted File Upload in the Discussions tab in Operately v.0.1.0 allows a privileged user to achieve Remote Code Execution via uploading and executing malicious files without validating file extensions or content types...
CVE-2024-6723
The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...
CVE-2024-6723
The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...
CVE-2024-6723 AI Engine < 2.4.8 - Admin+ SQLi
The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...
CVE-2024-6723 AI Engine < 2.4.8 - Admin+ SQLi
The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when viewing chatbot discussions...
PT-2024-37823 · WordPress · Ai Engine
Name of the Vulnerable Software and Affected Versions: The AI Engine WordPress plugin versions prior to 2.4.8 Description: The issue is related to a SQL injection that occurs due to improper sanitization and escaping of a parameter in a SQL statement. This can be exploited by admin users when...