CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-6308

Malware in sbrugna...

9.8CVSS9.2AI score0.00307EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 9:45 a.m.•7 views

CVE-2024-25461

Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM v.7.18.4.1532 allows a remote attacker to obtain sensitive information via a crafted request to the terrasoft.axd component...

7.5CVSS6.3AI score0.00153EPSS

Exploits0References1

NVD•added 2024/02/21 8:15 p.m.•13 views

CVE-2024-25461

Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM v.7.18.4.1532 allows a remote attacker to obtain sensitive information via a crafted request to the terrasoft.axd component...

7.5CVSS6AI score0.00153EPSS

Exploits0References2

OSV•added 2024/02/21 8:15 p.m.•0 views

CVE-2024-25461

Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM v.7.18.4.1532 allows a remote attacker to obtain sensitive information via a crafted request to the terrasoft.axd component...

7.5CVSS5.9AI score

Exploits0References2

Prion•added 2024/02/21 8:15 p.m.•15 views

Directory traversal

Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM v.7.18.4.1532 allows a remote attacker to obtain sensitive information via a crafted request to the terrasoft.axd component...

6.8AI score0.00153EPSS

Exploits0References2

Positive Technologies•added 2024/02/21 12:0 a.m.•2 views

PT-2024-20958 · Terrasoft · Creatio Terrasoft Crm

Name of the Vulnerable Software and Affected Versions: Creatio Terrasoft CRM version 7.18.4.1532 Description: The issue allows a remote attacker to obtain sensitive information via a crafted request to the "terrasoft.axd" component. This enables the attacker to potentially access unauthorized dat...

7.5CVSS6.1AI score0.00153EPSS

Exploits0References7

Cvelist•added 2024/02/21 12:0 a.m.•18 views

CVE-2024-25461

Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM v.7.18.4.1532 allows a remote attacker to obtain sensitive information via a crafted request to the terrasoft.axd component...

6.2AI score0.00153EPSS

Exploits0References2

Vulnrichment•added 2024/02/21 12:0 a.m.•21 views

CVE-2024-25461

Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM v.7.18.4.1532 allows a remote attacker to obtain sensitive information via a crafted request to the terrasoft.axd component...

6.3AI score0.00153EPSS

Exploits0References2

CNNVD•added 2024/02/21 12:0 a.m.•3 views

Creatio Terrasoft CRM Security Breach

Creatio Terrasoft CRM is a customer relationship management system from Creatio. A security vulnerability exists in Creatio Terrasoft CRM version v.7.18.4.1532. A remote attacker can exploit this vulnerability to obtain sensitive information via a specially crafted request to the terrasoft.axd...

7.5CVSS6.5AI score0.00153EPSS

Exploits0References3

CVE•added 2024/02/21 12:0 a.m.•44 views

CVE-2024-25461

CVE-2024-25461 : A directory traversal vulnerability affects Creatio Terrasoft CRM v7.18.4.1532, allowing a remote attacker to obtain sensitive information via a crafted request to the terrasoft.axd component. Root cause is a directory traversal flaw in the terrasoft.axd handler; impact is unauth...

7.5CVSS6.2AI score0.00153EPSS

Exploits0References2Affected Software1

VulnCheck KEV•added 2023/08/08 12:0 a.m.•2 views

VulnCheck KEV: CVE-2024-25461

Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM v.7.18.4.1532 allows a remote attacker to obtain sensitive information via a crafted request to the terrasoft.axd component...

7.5CVSS5.8AI score0.00153EPSS

Exploits0References1

BDU FSTEC•added 2023/08/08 12:0 a.m.•1 views

The vulnerability of the ConnectionStrings.config component in the “Terrasoft” CRM system and the “Creatio” BPM system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ConnectionStrings.config component in the “Terrasoft” CRM system and the “Creatio” BPM system is related to incorrect restrictions on the path to the restricted access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain...

9CVSS5.5AI score

Exploits0References1

NVD•added 2019/09/18 9:15 p.m.•9 views

CVE-2019-15301

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...

9.8CVSS9.9AI score0.00307EPSS

Exploits0References1

OSV•added 2019/09/18 9:15 p.m.•1 views

CVE-2019-15301

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...

9.8CVSS7.6AI score0.00307EPSS

Exploits0References1

Prion•added 2019/09/18 9:15 p.m.•14 views

Sql injection

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...

7.5CVSS9.8AI score0.00307EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/09/18 8:59 p.m.•16 views

CVE-2019-15301

A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter...

10AI score0.00307EPSS

Exploits0References1

CVE•added 2019/09/18 8:59 p.m.•104 views

CVE-2019-15301

The CVE-2019-15301 entry concerns a SQL injection in Terrasoft Bpm’online CRM-System SDK 7.13, specifically in Terrasoft.Core.DB.Column.Const(). An attacker can inject arbitrary SQL via the value parameter. Supported details indicate a NETWORK attack with LOW complexity and no authentication, lea...

9.8CVSS9.8AI score0.00307EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by