Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2014-1080

Malware in sbrugna...

6.8CVSS6.4AI score0.01415EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-1081

Malware in sbrugna...

4.3CVSS6.4AI score0.01815EPSS
Exploits1References5
NVD
NVD
added 2015/01/13 11:59 a.m.14 views

CVE-2014-10009

Multiple cross-site scripting XSS vulnerabilities in Stark CRM 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 firstname, 2 lastname, or 3 notes parameter to the client page; 4 insuname or 5 price parameter to the addinsurancecat page; or 6 status parameter to the...

4.3CVSS5.8AI score0.01815EPSS
Exploits1References4
NVD
NVD
added 2015/01/13 11:59 a.m.12 views

CVE-2014-10008

Multiple cross-site request forgery CSRF vulnerabilities in Stark CRM 1.0 allow remote attackers to hijack the authentication of administrators for requests that add 1 an administrator via a crafted request to the admin page, 2 an agent via a crafted request to the agent page, 3 a sub-agent via a...

6.8CVSS7.2AI score0.01415EPSS
Exploits1References5
Prion
Prion
added 2015/01/13 11:59 a.m.10 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Stark CRM 1.0 allow remote attackers to hijack the authentication of administrators for requests that add 1 an administrator via a crafted request to the admin page, 2 an agent via a crafted request to the agent page, 3 a sub-agent via a...

6.8CVSS7.7AI score0.01415EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2015/01/13 11:59 a.m.9 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Stark CRM 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 firstname, 2 lastname, or 3 notes parameter to the client page; 4 insuname or 5 price parameter to the addinsurancecat page; or 6 status parameter to the...

4.3CVSS6.1AI score0.01815EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2015/01/13 11:0 a.m.39 views

CVE-2014-10008

CVE-2014-10008 (Stark CRM v1.0) is documented in connected sources as CSRF vulnerabilities that enable forged requests to admin pages (admin/agent/sub_agent/partner/client) to hijack administrator authentication and perform privileged actions. ZSL-2014-5169 additionally notes stored XSS and sessi...

6.8CVSS7.4AI score0.01415EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2015/01/13 11:0 a.m.22 views

CVE-2014-10008

Multiple cross-site request forgery CSRF vulnerabilities in Stark CRM 1.0 allow remote attackers to hijack the authentication of administrators for requests that add 1 an administrator via a crafted request to the admin page, 2 an agent via a crafted request to the agent page, 3 a sub-agent via a...

7.2AI score0.01415EPSS
Exploits1References5
CVE
CVE
added 2015/01/13 11:0 a.m.45 views

CVE-2014-10009

Stark CRM 1.0 is affected by multiple stored XSS vulnerabilities due to unsanitized input in several POST parameters: first_name, last_name, notes (client page); insu_name, price (add_insurance_cat); and status[] (add_status). The root cause is improper input validation/exploitation of input pars...

4.3CVSS5.9AI score0.01815EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2015/01/13 11:0 a.m.18 views

CVE-2014-10009

Multiple cross-site scripting XSS vulnerabilities in Stark CRM 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 firstname, 2 lastname, or 3 notes parameter to the client page; 4 insuname or 5 price parameter to the addinsurancecat page; or 6 status parameter to the...

5.8AI score0.01815EPSS
Exploits1References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Stark CRM 1.0 - Multiple Vulnerabilities

No description provided by source. ? Stark CRM v1.0 Multiple Script Injection And Session Riding Vulnerabilities Vendor: IWCn Systems Inc. Product web page: http://www.iwcn.ws Affected version: 1.0 Summary: This is a light weight CRM which simplifies process of managing staff, client and projects...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/02/25 12:0 a.m.30 views

Stark CRM多个安全漏洞

Bugtraq ID:65710 Stark CRM是一款PHP客户关系管理系统。 Stark CRM存在多个存储型跨站脚本和跨站请求伪造漏洞,允许远程攻击者利用漏洞构建恶意URI,诱使用户解析,可获取敏感信息或以目标用户上下文执行恶意操作。 0 Stark CRM 1.0 目前没有详细解决方案提供: http://www.iwcn.ws Stark CRM v1.0 Multiple Script Injection And Session Riding Vulnerabilities Vendor: IWCn Systems Inc. Product web page:...

7.1AI score
Exploits0
0day.today
0day.today
added 2014/02/21 12:0 a.m.40 views

Stark CRM 1.0 - Multiple Vulnerabilities

Multiple stored cross site scripting and cross site request forgery vulnerabilities exist when parsing user input to several POST parameters in Stark CRM version 1.0. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2014/02/21 12:0 a.m.29 views

Stark CRM 1.0 Script Injection / Session Riding

Stark CRM v1.0 Multiple Script Injection And Session Riding Vulnerabilities Vendor: IWCn Systems Inc. Product web page: http://www.iwcn.ws Affected version: 1.0 Summary: This is a light weight CRM which simplifies process of managing staff, client and projects. Desc: Multiple stored XSS and CSRF...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2014/02/20 12:0 a.m.30 views

Stark CRM 1.0 - Multiple Vulnerabilities

Stark CRM 1.0 - Multiple Vulnerabilities Stark CRM v1.0 Multiple Script Injection And Session Riding Vulnerabilities Vendor: IWCn Systems Inc. Product web page: http://www.iwcn.ws Affected version: 1.0 Summary: This is a light weight CRM which simplifies process of managing staff, client and...

0.3AI score
Exploits0
Rows per page
Query Builder