Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/10/03 12:48 p.m.9 views

CVE-2025-40991

Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...

5.1CVSS6AI score0.00193EPSS
Exploits0References1
OSV
OSV
added 2025/10/02 11:15 a.m.2 views

CVE-2025-40991

Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...

5.4CVSS5.8AI score0.00193EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/02 10:45 a.m.6 views

CVE-2025-40991 Stored XSS in Creativeitem Ekushey CRM

Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...

5.1CVSS0.00193EPSS
Exploits0References1
OSV
OSV
added 2022/03/24 3:15 p.m.3 views

CVE-2022-0551

Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian...

7.2CVSS5.9AI score0.00868EPSS
Exploits0References1
Rows per page
Query Builder