24 matches found
EUVD-2014-4899
Malware in sbrugna...
EUVD-2022-50888
Malicious code in bioql PyPI...
EUVD-2025-5712
Malicious code in bioql PyPI...
CVE-2025-23575
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: from n/a through = 1.1...
CVE-2025-23575
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: from n/a through = 1.1...
CVE-2025-23575 WordPress DX Sales CRM plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: from n/a through = 1.1...
CVE-2025-23575 WordPress DX Sales CRM plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DevriX DX Sales CRM dx-sales-crm allows Reflected XSS.This issue affects DX Sales CRM: from n/a through = 1.1...
CVE-2025-23575
The CVE-2025-23575 entry concerns the WordPress DX Sales CRM plugin (versions
WordPress plugin DX Sales CRM 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress DX Sales CRM plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin DX Sales CRM versions = 1.1...
CVE-2022-48178
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Create Action function, aka an index.php/actions/update URI...
Cross site scripting
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Create Action function, aka an index.php/actions/update URI...
Cross site scripting
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting XSS vulnerability via the adin/importModels Import Records Model field model parameter. This vulnerability allows attackers to create malicious JavaScript that will be executed by the victim user's...
CVE-2022-48177
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting XSS vulnerability via the adin/importModels Import Records Model field model parameter. This vulnerability allows attackers to create malicious JavaScript that will be executed by the victim user's...
CVE-2022-48178
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Create Action function, aka an index.php/actions/update URI...
CVE-2022-48177
X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting XSS vulnerability via the adin/importModels Import Records Model field model parameter. This vulnerability allows attackers to create malicious JavaScript that will be executed by the victim user's...
CVE-2022-48178
CVE-2022-48178 summary: X2CRM Open Source Sales CRM versions 6.6–6.9 contain a stored XSS vulnerability in the Create Action function, triggered via index.php/actions/update. Multiple sources (Exploit-DB, PacketStorm, CNNVD, Red Hat, OSV, CVE lists) confirm the flaw and that exploitation can be a...
CVE-2022-48177
CVE-2022-48177 affects X2CRM Open Source Sales CRM versions 6.6–6.9. A reflected Cross-Site Scripting (XSS) vulnerability exists in the adin/importModels Import Records Model field, via the model parameter. Exploitation can execute malicious JavaScript in a victim user’s browser, with some source...
CVE-2014-4984
Déjà Vu Crescendo Sales CRM has remote SQL Injection...
Sql injection
Déjà Vu Crescendo Sales CRM has remote SQL Injection...