2 matches found
X2Engine X2CRM Cross-Site Request Forgery Vulnerability
X2Engine X2CRM is the United States X2Engine company's set of open source customer relationship management program CRM. A cross-site request forgery vulnerability exists in X2Engine X2CRM versions prior to 5.2. A remote attacker can exploit this vulnerability by sending a specially crafted reques...
X2Engine CRM 4.2.1 Cross Site Scripting
Affected Vendor: http://www.x2engine.com/ Date: 24/09/2014 Discovered by: JoeV Type of vulnerability: XSS Tested on: Windows 7 Version : 4.2.1 Description: X2Engine CRM v 3.3.3 is susceptible to Cross Site Scripting attack. Proof of Concept PoC: --------------------------- POST...