Lucene search
K

17 matches found

Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.7 views

PT-2026-26449

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 8.9.3, the RecordHandler::getRecord method retrieves any record by module and ID without checking the current user's ACL view permission. The companion saveRecord method...

6.5CVSS5.8AI score0.00274EPSS
Exploits0References3
NVD
NVD
added 2026/02/04 9:16 p.m.12 views

CVE-2026-25511

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, an authenticated user within the System Administrator group can trigger a full SSRF via the WOPI service discovery URL, including access to internal hosts/ports. The...

8.2CVSS0.00396EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-2388

Malware in sbrugna...

3CVSS6.3AI score0.0027EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-3465

Malware in sbrugna...

10CVSS6.4AI score0.03768EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-7661

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00256EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/03/08 7:38 p.m.16 views

CVE-2025-25191

Group-Office is an enterprise CRM and groupware tool. This Stored XSS vulnerability exists where user input in the Name field is not properly sanitized before being stored. This vulnerability is fixed in 6.8.100...

6.9CVSS5.7AI score0.00256EPSS
Exploits1References1
NVD
NVD
added 2025/03/06 7:15 p.m.12 views

CVE-2025-25191

Group-Office is an enterprise CRM and groupware tool. This Stored XSS vulnerability exists where user input in the Name field is not properly sanitized before being stored. This vulnerability is fixed in 6.8.100...

6.9CVSS0.00256EPSS
Exploits1References2
OSV
OSV
added 2023/11/07 5:35 p.m.19 views

CVE-2023-46730 Server-Side Request Forgery in groupoffice

Group-Office is an enterprise CRM and groupware tool. In affected versions there is full Server-Side Request Forgery SSRF vulnerability in the /api/upload.php endpoint. The /api/upload.php endpoint does not filter URLs which allows a malicious user to cause the server to make resource requests to...

7.4CVSS8.3AI score0.00595EPSS
Exploits1References4
CNVD
CNVD
added 2020/09/20 12:0 a.m.1 views

Shanghai Ruize Software Co., Ltd. eCRM-CRM system has information leakage vulnerability.

EK CRM Enterprise is a mobile cloud office software. Shanghai Ruize Software Co., Ltd. eCRM Enterprise Edition customer relationship management system information leakage vulnerability, attackers can use the vulnerability to obtain sensitive information...

6.5AI score
Exploits0
CVE
CVE
added 2012/05/03 5:18 p.m.48 views

CVE-2012-0514

CVE-2012-0514 affects Oracle PeopleSoft 9.1, specifically the PeopleSoft Enterprise CRM component. The provided documents describe an unspecified vulnerability that allows remote authenticated users to affect confidentiality . The root cause and exact exploit/vector are not disclosed in the suppl...

4CVSS5.8AI score0.01118EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2012/01/18 10:0 p.m.21 views

CVE-2012-0074

Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect integrity via unknown vectors related to Sales...

5.3AI score0.01097EPSS
Exploits0References5
CVE
CVE
added 2012/01/18 10:0 p.m.51 views

CVE-2012-0074

CVE-2012-0074 affects Oracle PeopleSoft Products 8.9 (PeopleSoft Enterprise CRM component). The description specifies an unspecified vulnerability allowing remote authenticated users to affect integrity via unknown vectors related to Sales. The provided connected documents do not give a concrete ...

4CVSS5.5AI score0.01097EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2011/01/19 4:0 p.m.16 views

Design/Logic Flaw

Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle 31 and 9.1 Bundle 6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Order Capture...

5.5CVSS5.6AI score0.01168EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2010/10/14 6:0 p.m.17 views

Design/Logic Flaw

Unspecified vulnerability in the PeopleSoft Enterprise CRM - Order Capture component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle 28 and 9.1 Bundle 4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

5.5CVSS5.7AI score0.0097EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2010/10/14 5:0 p.m.20 views

CVE-2010-3528

Unspecified vulnerability in the PeopleSoft Enterprise CRM - Common Components component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle 41, 9.0 Bundle 28, and 9.1 Bundle 4 allows remote authenticated users to affect confidentiality via unknown vectors...

5.4AI score0.01446EPSS
Exploits0References2
CVE
CVE
added 2010/10/14 5:0 p.m.57 views

CVE-2010-3532

CVE-2010-3532 affects PeopleSoft Enterprise CRM – Order Capture in Oracle PeopleSoft/JD Edwards Suite, specifically 9.0 Bundle #28 and 9.1 Bundle #4. The vulnerability is listed in the PeopleSoft/Oracle CVE risk matrix as network-exploitable with HTTP access, requiring a single authentication lev...

5.5CVSS5.5AI score0.0097EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2005/11/02 11:0 a.m.47 views

CVE-2005-3466

Technical details for CVE-2005-3466 are not publicly available in the provided documents. No concrete information on affected products, versions, root cause, impact, or remediation is present. Monitor for updates.

10CVSS6.5AI score0.03768EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder