17 matches found
PT-2026-26449
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 8.9.3, the RecordHandler::getRecord method retrieves any record by module and ID without checking the current user's ACL view permission. The companion saveRecord method...
CVE-2026-25511
Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, an authenticated user within the System Administrator group can trigger a full SSRF via the WOPI service discovery URL, including access to internal hosts/ports. The...
EUVD-2010-2388
Malware in sbrugna...
EUVD-2005-3465
Malware in sbrugna...
EUVD-2025-7661
Malicious code in bioql PyPI...
CVE-2025-25191
Group-Office is an enterprise CRM and groupware tool. This Stored XSS vulnerability exists where user input in the Name field is not properly sanitized before being stored. This vulnerability is fixed in 6.8.100...
CVE-2025-25191
Group-Office is an enterprise CRM and groupware tool. This Stored XSS vulnerability exists where user input in the Name field is not properly sanitized before being stored. This vulnerability is fixed in 6.8.100...
CVE-2023-46730 Server-Side Request Forgery in groupoffice
Group-Office is an enterprise CRM and groupware tool. In affected versions there is full Server-Side Request Forgery SSRF vulnerability in the /api/upload.php endpoint. The /api/upload.php endpoint does not filter URLs which allows a malicious user to cause the server to make resource requests to...
Shanghai Ruize Software Co., Ltd. eCRM-CRM system has information leakage vulnerability.
EK CRM Enterprise is a mobile cloud office software. Shanghai Ruize Software Co., Ltd. eCRM Enterprise Edition customer relationship management system information leakage vulnerability, attackers can use the vulnerability to obtain sensitive information...
CVE-2012-0514
CVE-2012-0514 affects Oracle PeopleSoft 9.1, specifically the PeopleSoft Enterprise CRM component. The provided documents describe an unspecified vulnerability that allows remote authenticated users to affect confidentiality . The root cause and exact exploit/vector are not disclosed in the suppl...
CVE-2012-0074
Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect integrity via unknown vectors related to Sales...
CVE-2012-0074
CVE-2012-0074 affects Oracle PeopleSoft Products 8.9 (PeopleSoft Enterprise CRM component). The description specifies an unspecified vulnerability allowing remote authenticated users to affect integrity via unknown vectors related to Sales. The provided connected documents do not give a concrete ...
Design/Logic Flaw
Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle 31 and 9.1 Bundle 6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Order Capture...
Design/Logic Flaw
Unspecified vulnerability in the PeopleSoft Enterprise CRM - Order Capture component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle 28 and 9.1 Bundle 4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
CVE-2010-3528
Unspecified vulnerability in the PeopleSoft Enterprise CRM - Common Components component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle 41, 9.0 Bundle 28, and 9.1 Bundle 4 allows remote authenticated users to affect confidentiality via unknown vectors...
CVE-2010-3532
CVE-2010-3532 affects PeopleSoft Enterprise CRM – Order Capture in Oracle PeopleSoft/JD Edwards Suite, specifically 9.0 Bundle #28 and 9.1 Bundle #4. The vulnerability is listed in the PeopleSoft/Oracle CVE risk matrix as network-exploitable with HTTP access, requiring a single authentication lev...
CVE-2005-3466
Technical details for CVE-2005-3466 are not publicly available in the provided documents. No concrete information on affected products, versions, root cause, impact, or remediation is present. Monitor for updates.