30 matches found
EUVD-2019-15603
Malware in sbrugna...
EUVD-2023-45669
Malicious code in bioql PyPI...
EUVD-2023-45668
Malicious code in bioql PyPI...
CVE-2023-41149
F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running...
CVE-2023-41150
F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product...
CVE-2019-6036
Cross-site scripting vulnerability in F-RevoCRM 6.0 to F-RevoCRM 6.5 patch6 version 6 series allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2023-41149
F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running...
CVE-2023-41150
F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product...
CVE-2023-41150
F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product...
Command injection
F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running...
Cross site scripting
F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product...
CVE-2023-41150
F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product...
CVE-2023-41150
F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product...
CVE-2023-41150
CVE-2023-41150 affects F-RevoCRM 7.3 series prior to version 7.3.8 and is a cross-site scripting (XSS) vulnerability. The issue enables an arbitrary script to be executed in the web browser of a user interacting with the product. Affected versions include 7.3.0–7.3.7; remediation is to upgrade to...
CVE-2023-41149
F-RevoCRM 7.3.7 and 7.3.8 contain an OS command injection vulnerability (CVE-2023-41149) that could allow an attacker with access to execute arbitrary OS commands on the server. The issue is confirmed across multiple sources (NVD entry and vendor/standard advisories), with high impact to confiden...
CVE-2023-41149
F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running...
PT-2023-27825 · F-Revocrm · F-Revocrm
Name of the Vulnerable Software and Affected Versions: F-RevoCRM versions 7.3.0 through 7.3.7 Description: The issue is a cross-site scripting vulnerability. If exploited, it allows an arbitrary script to be executed on the web browser of the user using the product. Recommendations: For versions...
PT-2023-27823 · F-Revocrm · F-Revocrm
Name of the Vulnerable Software and Affected Versions: F-RevoCRM versions 7.3.7 through 7.3.8 Description: The issue is an OS command injection vulnerability. If exploited, an attacker with access to the product may execute an arbitrary OS command on the server where the product is running...
Multiple vulnerabilities in F-RevoCRM
Overview F-RevoCRM provided by ThinkingReed inc. contains multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2023-41149 Cross-site scripting vulnerability CWE-79 - CVE-2023-41150 Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported these vulnerabilities to IPA. JPCERT/...
F-RevoCRM Cross-Site Scripting Vulnerability
Thinkreed F-RevoCRM is an open source customer relationship management software from Thinkreed Japan. A security vulnerability exists in F-RevoCRM that stems from F-RevoCRM allowing cross-site scripting...