24 matches found
EUVD-2014-4899
Malware in sbrugna...
EUVD-2022-50888
Malicious code in bioql PyPI...
EUVD-2025-5712
Malicious code in bioql PyPI...
CVE-2025-23575
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: from n/a through = 1.1...
CVE-2025-23575
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: from n/a through = 1.1...
CVE-2025-23575 WordPress DX Sales CRM plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: from n/a through = 1.1...
CVE-2025-23575
The CVE-2025-23575 entry concerns the WordPress DX Sales CRM plugin (versions
CVE-2025-23575 WordPress DX Sales CRM plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: from n/a through = 1.1...
WordPress plugin DX Sales CRM 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress DX Sales CRM plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin DX Sales CRM versions = 1.1...
CVE-2022-48178
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Create Action function, aka an index.php/actions/update URI...
Cross site scripting
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting XSS vulnerability via the adin/importModels Import Records Model field model parameter. This vulnerability allows attackers to create malicious JavaScript that will be executed by the victim user's...
Cross site scripting
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Create Action function, aka an index.php/actions/update URI...
CVE-2022-48177
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting XSS vulnerability via the adin/importModels Import Records Model field model parameter. This vulnerability allows attackers to create malicious JavaScript that will be executed by the victim user's...
CVE-2022-48178
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Create Action function, aka an index.php/actions/update URI...
CVE-2022-48178
CVE-2022-48178 summary: X2CRM Open Source Sales CRM versions 6.6–6.9 contain a stored XSS vulnerability in the Create Action function, triggered via index.php/actions/update. Multiple sources (Exploit-DB, PacketStorm, CNNVD, Red Hat, OSV, CVE lists) confirm the flaw and that exploitation can be a...
CVE-2022-48177
CVE-2022-48177 affects X2CRM Open Source Sales CRM versions 6.6–6.9. A reflected Cross-Site Scripting (XSS) vulnerability exists in the adin/importModels Import Records Model field, via the model parameter. Exploitation can execute malicious JavaScript in a victim user’s browser, with some source...
CVE-2022-48177
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting XSS vulnerability via the adin/importModels Import Records Model field model parameter. This vulnerability allows attackers to create malicious JavaScript that will be executed by the victim user's...
CVE-2014-4984
Déjà Vu Crescendo Sales CRM has remote SQL Injection...
Sql injection
Déjà Vu Crescendo Sales CRM has remote SQL Injection...