CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

CNVD•added 2018/01/02 12:0 a.m.•2 views

Zurmo cross-site scripting vulnerability (CNVD-2018-02168)

Zurmo is the United States Zurmo company's set of open source PHP-based customer relationship management system CRM. A cross-site scripting vulnerability exists in Zurmo version 3.2.3. A remote attacker can exploit this vulnerability by sending the 'latitude' or 'longitude' parameter to...

5.4CVSS6.4AI score0.00206EPSS

Exploits1References1

NVD•added 2017/12/31 7:29 p.m.•10 views

CVE-2017-18004

Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps/default/mapAndPoint...

5.4CVSS5.3AI score0.00206EPSS

Exploits1References1

Prion•added 2017/12/31 7:29 p.m.•12 views

Design/Logic Flaw

Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps/default/mapAndPoint...

3.5CVSS5.2AI score0.00206EPSS

Exploits1References1Affected Software1

OSV•added 2017/12/31 7:29 p.m.•0 views

CVE-2017-18004

Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps/default/mapAndPoint...

5.4CVSS5.8AI score

Exploits0References1

CVE•added 2017/12/31 7:0 p.m.•41 views

CVE-2017-18004

Zurmo 3.2.3 is affected by an XSS vulnerability triggered by the latitude or longitude parameter to maps/default/mapAndPoint in the Zurmo web application (PHP-based CRM). The issue is reported across multiple sources (e.g., CVE-2017-18004, CNVD-2018-02168, RH Red Hat, NVD) with consistent descrip...

5.4CVSS5.2AI score0.00206EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by