Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
XrmsXrms Crm

3 matches found

CVE
CVEadded 2008/07/31 4:41 p.m.33 views

CVE-2008-3400

XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request to tests/info.php, which calls the phpinfo function.

4.3CVSS6.3AI score0.02964EPSS
CVE
CVEadded 2008/07/31 4:41 p.m.29 views

CVE-2008-3398

Multiple cross-site scripting (XSS) vulnerabilities in XRMS CRM 1.99.2 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to unspecified components, possibly including login.php. NOTE: this may overlap CVE-2008-1129.

2.6CVSS5.8AI score0.0353EPSS
CVE
CVEadded 2008/07/31 4:41 p.m.26 views

CVE-2008-3399

PHP remote file inclusion vulnerability in activities/workflow-activities.php in XRMS CRM 1.99.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the include_directory parameter.

6.8CVSS7.6AI score0.0105EPSS