VYPR

Small CRM

by Phpgurukul

CVEs (25)

  • CVE-2023-45394Oct 20, 2023
    risk 0.00cvss epss 0.00

    Stored Cross-Site Scripting (XSS) vulnerability in the Company field in the "Request a Quote" Section of Small CRM v3.0 allows an attacker to store and execute malicious javascript code in the Admin panel which leads to Admin account takeover.

  • CVE-2023-43331Sep 26, 2023
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in the Add User function of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

  • CVE-2023-34650Jun 28, 2023
    risk 0.00cvss epss 0.00

    PHPgurukl Small CRM v.1.0 is vulnerable to Cross Site Scripting (XSS).

  • CVE-2022-47073Jan 25, 2023
    risk 0.00cvss epss 0.01

    A cross-site scripting (XSS) vulnerability in the Create Ticket page of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject parameter.

  • CVE-2020-5511Jan 8, 2020
    risk 0.00cvss epss 0.02

    PHPGurukul Small CRM v2.0 was found vulnerable to authentication bypass via SQL injection when logging into the administrator login page.

Page 2 of 2