88 matches found
EUVD-2015-5091
Malware in sbrugna...
EUVD-2021-14053
Malware in sbrugna...
EUVD-2020-13866
Malware in sbrugna...
EUVD-2020-13867
Malware in sbrugna...
EUVD-2014-5189
Malware in sbrugna...
EUVD-2013-5529
Malware in sbrugna...
EUVD-2013-5530
Malware in sbrugna...
EUVD-2015-5092
Malware in sbrugna...
EUVD-2014-5188
Malware in sbrugna...
CVE-2021-27288
Cross Site Scripting XSS in X2Engine X2CRM v7.1 allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "Comment" field in "/profile/activity" page...
CVE-2020-21088
Cross Site Scripting XSS in X2engine X2CRM v7.1 and older allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "First Name" and "Last Name" fields in "/index.php/contacts/create page"...
CVE-2020-21087
Cross Site Scripting XSS in X2Engine X2CRM v6.9 and older allows remote attackers to execute arbitrary code by injecting arbitrary web script or HTML via the "New Name" field of the "Rename a Module" tool...
CVE-2013-5692
Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. dot dot in the file parameter to index.php/admin/translationManager...
X2CRM v6.6/6.9 - Reflected Cross-Site Scripting (Authenticated) Vulnerability
Exploit Title: X2CRM v6.6/6.9 - Reflected Cross-Site Scripting XSS Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://x2crm.com/ Software Link: https://sourceforge.net/projects/x2engine/ Version: X2CRM v6.6/6.9 Tested on: Ubuntu Mate 20.04 Vulnerable Parameter: model CVE: Use...
X2Engine X2CRM 跨站脚本漏洞
X2Engine X2CRM is an application from X2Engine USA. a next-generation open source social selling application for small and medium-sized businesses. A security vulnerability exists in X2Engine X2CRM versions v6.6 and v6.9, which stems from the presence of a Reflective Cross-Site Scripting XSS...
K17156: PHP vulnerability CVE-2014-5298
Security Advisory Description FileUploadsFilter.php in X2Engine 4.1.7 and earlier, when running on case-insensitive file systems, allows remote attackers to bypass the upload blacklist and conduct unrestricted file upload attacks by uploading a file with an executable extension that contains...
X2Engine X2CRM Cross-Site Scripting Vulnerability
X2Engine X2CRM is an application from X2Engine USA, Inc. a next-generation social selling application for small and medium-sized businesses. X2Engine X2CRM version 8.0 contains a cross-site scripting vulnerability that stems from the program's lack of data validation filtering of user-supplied da...
X2Engine X2CRM 跨站脚本漏洞
X2Engine X2CRM is an application from X2Engine USA, Inc. a next-generation social selling application for small and medium-sized businesses. X2Engine X2CRM version 8.0 contains a cross-site scripting vulnerability that stems from the program's lack of data validation filtering of user-supplied da...
X2Engine X2CRM Cross-Site Scripting Vulnerability
pczupil X2CRM is a pczupil open source application. A next generation open source social selling application for small and medium sized businesses. X2Engine X2CRM v6.9 and later versions of a security vulnerability , a remote attacker can exploit the vulnerability through the "Rename Module" tool...
CVE-2021-27288
Cross Site Scripting XSS in X2Engine X2CRM v7.1 allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "Comment" field in "/profile/activity" page...