CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

OSV•added 2024/03/06 11:9 a.m.•11 views

BIT-SUITECRM-2021-41595

SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the filename parameter of the Step3 import functionality...

5.3CVSS5.2AI score0.01771EPSS

Exploits0References5

OSV•added 2024/01/29 8:15 p.m.•1 views

CVE-2024-22570

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.9AI score

Exploits0References1

Cvelist•added 2024/01/29 12:0 a.m.•19 views

CVE-2024-22570

A stored cross-site scripting XSS vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4AI score0.00277EPSS

Exploits0References1

CNVD•added 2021/10/09 12:0 a.m.•12 views

SuiteCRM Path Traversal Vulnerability (CNVD-2021-88951)

SuiteCRM is a customer relationship management system from the SuiteCRM Suitecrm team. SuiteCRM has a security vulnerability that allows an attacker to include arbitrary files via the filename parameter portion of the Step3 import function...

5.3CVSS5.2AI score0.01771EPSS

Exploits0References1

NVD•added 2021/10/04 5:15 p.m.•12 views

CVE-2021-41595

5.3CVSS0.01771EPSS

Exploits0References4

OSV•added 2021/10/04 5:15 p.m.•16 views

CVE-2021-41595

5.3CVSS6.7AI score0.01771EPSS

Exploits0References4

Prion•added 2021/10/04 5:15 p.m.•11 views

Information disclosure

5CVSS5.3AI score0.01771EPSS

Exploits0References4Affected Software1

Cvelist•added 2021/10/04 4:46 p.m.•23 views

CVE-2021-41595

5.5AI score0.01771EPSS

Exploits0References4

Positive Technologies•added 2021/10/04 12:0 a.m.•2 views

PT-2021-23357 · Suitecrm · Suitecrm

Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.10.33 SuiteCRM versions prior to 7.11.22 Description: The issue allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the file name parameter of the Step3...

5.3CVSS5.1AI score0.01771EPSS

Exploits0References8

OSV•added 2018/12/30 9:29 p.m.•1 views

CVE-2018-20614

public\install\install.php in CIM 0.9.3 allows remote attackers to reload the product via the public/install//step3 URI...

7.5CVSS5.8AI score0.01303EPSS

Exploits1References1

NVD•added 2018/12/30 9:29 p.m.•11 views

CVE-2018-20614

public\install\install.php in CIM 0.9.3 allows remote attackers to reload the product via the public/install//step3 URI...

7.5CVSS7.5AI score0.01303EPSS

Exploits1References1