Small Crm Security Vulnerabilities and Issues — Small Crm CVE List

Lucene search

Small Crm ProjectSmall Crm

4 matches found

CVE•added 2023/10/04 8:15 p.m.•44 views

CVE-2023-44075

Cross Site Scripting vulnerability in Small CRM in PHP v.3.0 allows a remote attacker to execute arbitrary code via a crafted payload to the Address parameter.

5.4CVSS5.8AI score0.00202EPSS

CVE•added 2023/10/20 4:15 a.m.•39 views

CVE-2023-45394

Stored Cross-Site Scripting (XSS) vulnerability in the Company field in the "Request a Quote" Section of Small CRM v3.0 allows an attacker to store and execute malicious javascript code in the Admin panel which leads to Admin account takeover.

5.4CVSS5.2AI score0.00492EPSS

CVE•added 2023/01/26 9:18 p.m.•38 views

CVE-2022-47073

A cross-site scripting (XSS) vulnerability in the Create Ticket page of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject parameter.

5.4CVSS5.3AI score0.00181EPSS

CVE•added 2023/09/27 3:19 p.m.•31 views

CVE-2023-43331

A cross-site scripting (XSS) vulnerability in the Add User function of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

5.4CVSS5.3AI score0.0027EPSS