211 matches found
CVE-2023-43331
A cross-site scripting XSS vulnerability in the Add User function of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2025-15390
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for...
CVE-2025-15390
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for...
CVE-2025-15390
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for...
CVE-2025-15390
CVE-2025-15390 affects PHPGurukul Small CRM 4.0. The vulnerability is in the file /admin/edit-user.php where missing authorization can be exploited remotely to perform unauthorized actions. Multiple sources (NVD/Red Hat/CVE lists) consistently describe a remote-access vulnerability with publicly ...
CVE-2025-15390 PHPGurukul Small CRM edit-user.php authorization
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for...
CVE-2025-15390 PHPGurukul Small CRM edit-user.php authorization
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for...
CVE-2025-15390
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /admin/edit-user.php. The manipulation results in missing authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for...
PHPGurukul Small CRM 安全漏洞
PHPGurukul Small CRM is a customer relationship management system from PHPGurukul. A security vulnerability exists in PHPGurukul Small CRM version 4.0, which stems from a missing authorization in the file /admin/edit-user.php, which could lead to a remote attack...
Small CRM change-password.php File SQL Injection Vulnerability
Small CRM a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the oldpass parameter of change-password.php. This vulnerability can be exploited by an attacker to execute...
Small CRM quote-details.php file SQL Injection Vulnerability
Small CRM a customer relationship management system. Small CRM suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the id and adminremark parameters of quote-details.php. An attacker can exploit this vulnerability to...
Small CRM manage-tickets.php file cross-site scripting vulnerability
Small CRM a customer relationship management system. Small CRM suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the aremark parameter of manage-tickets.php, which can be exploited to execute arbitrary Web scrip...
Small CRM manage-tickets.php file SQL Injection Vulnerability
Small CRM a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the frmid and aremark parameters of manage-tickets.php. An attacker can exploit this vulnerability to execu...
CVE-2024-44641
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the oldpass parameter in change-password.php...
CVE-2024-44644
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the frmid and aremark parameters in manage-tickets.php...
CVE-2024-44647
PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via the aremark parameter in manage-tickets.php...
CVE-2024-44648
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php...
EUVD-2024-55089
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php...
EUVD-2024-55087
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the oldpass parameter in change-password.php...
CVE-2024-44648
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php...