164 matches found
Perfex Crm cross-site scripting vulnerability (CNVD-2023-36117)
Perfex Crm is a customer relationship management software. For managing clients, projects and creating invoices in the cloud. A cross-site scripting vulnerability exists in Perfex Crm version 1.10, which stems from the lack of effective filtering and escaping of user-supplied data in...
CVE-2021-40303
perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...
CVE-2021-40303
perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...
Cross site scripting
perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...
CVE-2021-40303
perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...
Perfex Crm 跨站脚本漏洞
Perfex Crm is a customer relationship management software. For managing clients, projects and creating invoices in the cloud. A cross-site scripting vulnerability exists in Perfex Crm version 1.10, which stems from the lack of effective filtering and escaping of user-supplied data in...
PT-2022-11212 · Unknown · Perfex Crm
Name of the Vulnerable Software and Affected Versions: perfex crm version 1.10 Description: The issue is related to Cross Site Scripting XSS that can be exploited via the "/clients/profile" API endpoint. This allows for potential malicious script injection. Recommendations: For perfex crm version...
CVE-2021-40303
perfex crm 1.10 is vulnerable to Cross Site Scripting XSS via /clients/profile...
CVE-2021-40303
Perfex CRM 1.10 is vulnerable to stored Cross Site Scripting (XSS) via /clients/profile due to insufficient input filtering/escaping in that endpoint. Exploitation could execute arbitrary scripts in a user’s browser, potentially compromising cookies/sessions. The connected documents confirm the i...
Perfex CRM Cross-Site Scripting Vulnerability
Perfex Crm is a customer relationship management software. For managing clients, projects and creating invoices in the cloud. There is a security vulnerability in Perfex CRM that originates from the client side client via the company name parameter. No details of the vulnerability are provided at...
CVE-2020-28961
Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting XSS vulnerability in the component ./clients/client via the company name parameter...
CVE-2020-28961
Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting XSS vulnerability in the component ./clients/client via the company name parameter...
Cross site scripting
Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting XSS vulnerability in the component ./clients/client via the company name parameter...
CVE-2020-28961
Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting XSS vulnerability in the component ./clients/client via the company name parameter...
CVE-2020-28961
CVE-2020-28961 affects Perfex CRM v2.4.4. The vulnerability is a stored cross-site scripting (XSS) in the component path ./clients/client , exploitable via the company name parameter . This originates on the client side and can result in script execution when user input is rendered. From the prov...
Perfex Crm 跨站脚本漏洞
Perfex Crm is a customer relationship management software. For managing clients, projects and creating invoices in the cloud. There is a security vulnerability in Perfex CRM that originates from the client side client via the company name parameter. No details of the vulnerability are provided at...
Perfex CRM 2.4.4 Cross Site Scripting
Document Title: =============== Perfex v2.4.4 CRM - Print Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2231 Release Date: ============= 2020-06-24 Vulnerability Laboratory ID VL-ID: ==================================== 22...
Perfex v2.4.4 CRM - (Print) Persistent Web Vulnerability
Document Title: =============== Perfex v2.4.4 CRM - Print Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2231 Release Date: ============= 2020-06-23 Vulnerability Laboratory ID VL-ID: ==================================== 22...
Perfex CRM Arbitrary File Upload Vulnerability
Perfex CRM is a customer relationship management software. The software features payment management, project management, task assignment and goal tracking. An arbitrary file upload vulnerability exists in the Utilities.php file in Perfex CRM version 1.9.7. A remote attacker can exploit this...
CVE-2017-17976
In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution...