Perfex Crm Security Vulnerabilities and Issues — Perfex Crm CVE List

Lucene search

PerfexcrmPerfex Crm

5 matches found

CVE•added 2018/01/26 8:29 p.m.•54 views

CVE-2017-17976

In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution.

9.8CVSS9.8AI score0.17255EPSS

CVE•added 2022/11/08 6:15 p.m.•46 views

CVE-2021-40303

perfex crm 1.10 is vulnerable to Cross Site Scripting (XSS) via /clients/profile.

5.4CVSS5.3AI score0.00119EPSS

CVE•added 2024/09/15 3:15 a.m.•36 views

CVE-2024-8867

A vulnerability was found in Perfex CRM 3.1.6. It has been declared as problematic. This vulnerability affects unknown code of the file application/controllers/Clients.php of the component Parameter Handler. The manipulation of the argument message leads to cross site scripting. The attack can be i...

5.4CVSS4AI score0.00035EPSS

CVE•added 2021/10/22 8:15 p.m.•33 views

CVE-2020-28961

Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component ./clients/client via the company name parameter.

5.4CVSS5.2AI score0.00206EPSS

CVE•added 2024/09/11 4:15 p.m.•33 views

CVE-2024-44851

A stored cross-site scripting (XSS) vulnerability in the Discussion section of Perfex CRM v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter.

5.4CVSS5.4AI score0.00083EPSS