Lucene search
+L

164 matches found

cnvd
cnvd
added 2022/11/10 12:0 a.m.7 views

Perfex Crm cross-site scripting vulnerability (CNVD-2023-36117)

Perfex Crm is a customer relationship management software. For managing clients, projects and creating invoices in the cloud. A cross-site scripting vulnerability exists in Perfex Crm version 1.10, which stems from the lack of effective filtering and escaping of user-supplied data in...

5.4CVSS5.8AI score0.00505EPSS
Exploits2References1
nvd
nvd
added 2022/11/08 6:15 p.m.22 views

CVE-2021-40303

perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...

5.4CVSS0.00505EPSS
Exploits2References1
osv
osv
added 2022/11/08 6:15 p.m.4 views

CVE-2021-40303

perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...

5.4CVSS5.8AI score0.00505EPSS
Exploits2References1
prion
prion
added 2022/11/08 6:15 p.m.19 views

Cross site scripting

perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...

4.9CVSS5.3AI score0.00505EPSS
Exploits2References1Affected Software1
vulnrichment
vulnrichment
added 2022/11/08 12:0 a.m.8 views

CVE-2021-40303

perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...

5.5AI score0.00505EPSS
Exploits2References1
cnnvd
cnnvd
added 2022/11/08 12:0 a.m.3 views

Perfex Crm 跨站脚本漏洞

Perfex Crm is a customer relationship management software. For managing clients, projects and creating invoices in the cloud. A cross-site scripting vulnerability exists in Perfex Crm version 1.10, which stems from the lack of effective filtering and escaping of user-supplied data in...

5.4CVSS5.9AI score0.00505EPSS
Exploits2References2
ptsecurity
ptsecurity
added 2022/11/08 12:0 a.m.6 views

PT-2022-11212 · Unknown · Perfex Crm

Name of the Vulnerable Software and Affected Versions: perfex crm version 1.10 Description: The issue is related to Cross Site Scripting XSS that can be exploited via the "/clients/profile" API endpoint. This allows for potential malicious script injection. Recommendations: For perfex crm version...

5.4CVSS5.1AI score0.00505EPSS
Exploits2References4
cvelist
cvelist
added 2022/11/08 12:0 a.m.26 views

CVE-2021-40303

perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...

5.5AI score0.00505EPSS
Exploits2References1
cve
cve
added 2022/11/08 12:0 a.m.63 views

CVE-2021-40303

Perfex CRM 1.10 is vulnerable to stored Cross Site Scripting (XSS) via /clients/profile due to insufficient input filtering/escaping in that endpoint. Exploitation could execute arbitrary scripts in a user’s browser, potentially compromising cookies/sessions. The connected documents confirm the i...

5.4CVSS5.3AI score0.00505EPSS
Exploits2References1Affected Software1
cnvd
cnvd
added 2021/10/26 12:0 a.m.16 views

Perfex CRM Cross-Site Scripting Vulnerability

Perfex Crm is a customer relationship management software. For managing clients, projects and creating invoices in the cloud. There is a security vulnerability in Perfex CRM that originates from the client side client via the company name parameter. No details of the vulnerability are provided at...

5.4CVSS5.5AI score0.00562EPSS
Exploits1References1
nvd
nvd
added 2021/10/22 8:15 p.m.23 views

CVE-2020-28961

Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting XSS vulnerability in the component ./clients/client via the company name parameter...

5.4CVSS0.00562EPSS
Exploits1References1
osv
osv
added 2021/10/22 8:15 p.m.3 views

CVE-2020-28961

Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting XSS vulnerability in the component ./clients/client via the company name parameter...

5.4CVSS6AI score0.00562EPSS
Exploits1References1
prion
prion
added 2021/10/22 8:15 p.m.27 views

Cross site scripting

Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting XSS vulnerability in the component ./clients/client via the company name parameter...

3.5CVSS5.3AI score0.00562EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/10/22 7:20 p.m.36 views

CVE-2020-28961

Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting XSS vulnerability in the component ./clients/client via the company name parameter...

5.3AI score0.00562EPSS
Exploits1References1
cve
cve
added 2021/10/22 7:20 p.m.48 views

CVE-2020-28961

CVE-2020-28961 affects Perfex CRM v2.4.4. The vulnerability is a stored cross-site scripting (XSS) in the component path ./clients/client , exploitable via the company name parameter . This originates on the client side and can result in script execution when user input is rendered. From the prov...

5.4CVSS5.2AI score0.00562EPSS
Exploits1References1Affected Software1
cnnvd
cnnvd
added 2021/10/22 12:0 a.m.4 views

Perfex Crm 跨站脚本漏洞

Perfex Crm is a customer relationship management software. For managing clients, projects and creating invoices in the cloud. There is a security vulnerability in Perfex CRM that originates from the client side client via the company name parameter. No details of the vulnerability are provided at...

5.4CVSS5.5AI score0.00562EPSS
Exploits1References2
packetstorm
packetstorm
added 2020/12/04 12:0 a.m.996 views

Perfex CRM 2.4.4 Cross Site Scripting

Document Title: =============== Perfex v2.4.4 CRM - Print Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2231 Release Date: ============= 2020-06-24 Vulnerability Laboratory ID VL-ID: ==================================== 22...

7.4AI score
Exploits0
vulnerlab
vulnerlab
added 2020/06/23 12:0 a.m.77 views

Perfex v2.4.4 CRM - (Print) Persistent Web Vulnerability

Document Title: =============== Perfex v2.4.4 CRM - Print Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2231 Release Date: ============= 2020-06-23 Vulnerability Laboratory ID VL-ID: ==================================== 22...

7.4AI score
Exploits0
cnvd
cnvd
added 2018/01/30 12:0 a.m.5 views

Perfex CRM Arbitrary File Upload Vulnerability

Perfex CRM is a customer relationship management software. The software features payment management, project management, task assignment and goal tracking. An arbitrary file upload vulnerability exists in the Utilities.php file in Perfex CRM version 1.9.7. A remote attacker can exploit this...

9.8CVSS7.5AI score0.12506EPSS
Exploits5References1
osv
osv
added 2018/01/26 8:29 p.m.5 views

CVE-2017-17976

In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution...

9.8CVSS6.1AI score0.12506EPSS
Exploits5References2
Rows per page
Query Builder