10 matches found
EUVD-2018-17484
Malware in sbrugna...
EUVD-2009-3230
Malware in sbrugna...
SugarCRM Cross-Site Scripting Vulnerability (CNVD-2018-03248)
SugarCRM is an open source Customer Relationship Management (CRM) system from SugarCRM USA. The system supports differentiated marketing, management and distribution of sales leads for different customer needs, and enables information sharing and tracking of sales representatives. A cross-site...
Design/Logic Flaw
phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable)...
CVE-2018-5715
phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable)...
CVE-2018-5715
SugarCRM 3.5.1 is vulnerable to Cross-Site Scripting via phprint.php due to improper handling of the GET parameter name ($key) in the query string. The root cause is that the $key values are not encoded when constructing the query string, enabling injection of arbitrary JavaScript into the victim...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) viewname parameter in a CalendarAjax action, (2) activitymode parameter in a DetailView action, (3) contactid and (4) parentid parameters in an...
CVE-2011-4670
Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) viewname parameter in a CalendarAjax action, (2) activitymode parameter in a DetailView action, (3) contactid and (4) parentid parameters in an...
vTiger CRM 5.2.1 - 'PHPrint.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/49927/info vtiger CRM is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
vtiger CRM phprint.php lang_crm Parameter Local File Inclusion
The version of vtiger CRM installed on the remote host does not sanitize user input to the 'lang_crm' parameter of the 'phprint.php' script before using it to include PHP code. An unauthenticated, remote attacker may be able to leverage this issue to view arbitrary files or possibly execute...