Jeson Customer Relationship Management System
Source repositories
CVEs (15)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-3616 | Med | 0.41 | 6.3 | 0.00 | Mar 6, 2026 | A vulnerability was detected in DefaultFuction Jeson Customer Relationship Management System 1.0.0. Impacted is an unknown function of the file /modules/customers/edit.php. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated… | ||
| CVE-2026-4623 | Hig | 0.40 | 7.3 | 0.00 | Mar 24, 2026 | A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00. This affects an unknown function of the file /api/System.php of the component API Module. The manipulation of the argument… | ||
| CVE-2026-5325 | Low | 0.23 | 3.5 | 0.00 | Apr 2, 2026 | A vulnerability was determined in SourceCodester Simple Customer Relationship Management System 1.0. This issue affects some unknown processing of the file /create-ticket.php of the component Create Ticket. This manipulation of the argument Description causes cross site… | ||
| CVE-2023-24204 | 0.00 | — | 0.01 | May 14, 2024 | SQL injection vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitrary code via the name parameter in get-quote.php. | |||
| CVE-2023-24203 | 0.00 | — | 0.01 | May 14, 2024 | Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query parameter(s). | |||
| CVE-2023-24730 | 0.00 | — | 0.01 | Mar 15, 2023 | Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the company parameter in the user profile update function. | |||
| CVE-2023-24732 | 0.00 | — | 0.01 | Mar 15, 2023 | Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the gender parameter in the user profile update function. | |||
| CVE-2023-24731 | 0.00 | — | 0.01 | Mar 15, 2023 | Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the query parameter in the user profile update function. | |||
| CVE-2023-24651 | 0.00 | — | 0.01 | Feb 27, 2023 | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter on the registration page. | |||
| CVE-2023-24653 | 0.00 | — | 0.01 | Feb 27, 2023 | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the oldpass parameter under the Change Password function. | |||
| CVE-2023-24364 | 0.00 | — | 0.01 | Feb 27, 2023 | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter under the Admin Panel. | |||
| CVE-2023-24652 | 0.00 | — | 0.01 | Feb 27, 2023 | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function. | |||
| CVE-2023-0917 | 0.00 | — | 0.01 | Feb 19, 2023 | A vulnerability, which was classified as critical, was found in SourceCodester Simple Customer Relationship Management System 1.0. This affects an unknown part of the file /php-scrm/login.php. The manipulation of the argument Password leads to sql injection. It is possible to… | |||
| CVE-2021-43130 | 0.00 | — | 0.02 | Nov 3, 2021 | An SQL Injection vulnerability exists in Sourcecodester Customer Relationship Management System (CRM) 1.0 via the username parameter in customer/login.php. | |||
| CVE-2021-37221 | 0.00 | — | 0.01 | Oct 27, 2021 | A file upload vulnerability exists in Sourcecodester Customer Relationship Management System 1.0 via the account update option & customer create option, which could let a remote malicious user upload an arbitrary php file. . |
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in DefaultFuction Jeson Customer Relationship Management System 1.0.0. Impacted is an unknown function of the file /modules/customers/edit.php. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated…
- risk 0.40cvss 7.3epss 0.00
A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00. This affects an unknown function of the file /api/System.php of the component API Module. The manipulation of the argument…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was determined in SourceCodester Simple Customer Relationship Management System 1.0. This issue affects some unknown processing of the file /create-ticket.php of the component Create Ticket. This manipulation of the argument Description causes cross site…
- CVE-2023-24204May 14, 2024risk 0.00cvss —epss 0.01
SQL injection vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitrary code via the name parameter in get-quote.php.
- CVE-2023-24203May 14, 2024risk 0.00cvss —epss 0.01
Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query parameter(s).
- CVE-2023-24730Mar 15, 2023risk 0.00cvss —epss 0.01
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the company parameter in the user profile update function.
- CVE-2023-24732Mar 15, 2023risk 0.00cvss —epss 0.01
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the gender parameter in the user profile update function.
- CVE-2023-24731Mar 15, 2023risk 0.00cvss —epss 0.01
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the query parameter in the user profile update function.
- CVE-2023-24651Feb 27, 2023risk 0.00cvss —epss 0.01
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter on the registration page.
- CVE-2023-24653Feb 27, 2023risk 0.00cvss —epss 0.01
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the oldpass parameter under the Change Password function.
- CVE-2023-24364Feb 27, 2023risk 0.00cvss —epss 0.01
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter under the Admin Panel.
- CVE-2023-24652Feb 27, 2023risk 0.00cvss —epss 0.01
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function.
- CVE-2023-0917Feb 19, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in SourceCodester Simple Customer Relationship Management System 1.0. This affects an unknown part of the file /php-scrm/login.php. The manipulation of the argument Password leads to sql injection. It is possible to…
- CVE-2021-43130Nov 3, 2021risk 0.00cvss —epss 0.02
An SQL Injection vulnerability exists in Sourcecodester Customer Relationship Management System (CRM) 1.0 via the username parameter in customer/login.php.
- CVE-2021-37221Oct 27, 2021risk 0.00cvss —epss 0.01
A file upload vulnerability exists in Sourcecodester Customer Relationship Management System 1.0 via the account update option & customer create option, which could let a remote malicious user upload an arbitrary php file. .