VYPR

CRM

by 07fly

CVEs (6)

  • CVE-2015-6000Feb 6, 2020
    risk 0.09cvss epss 0.40

    Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an…

  • CVE-2023-5020Sep 17, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in 07FLY CRM V2. This issue affects some unknown processing of the file /index.php/sysmanage/Login/login_auth/ of the component Administrator Login Page. The manipulation of the argument account leads to sql…

  • CVE-2023-3058Jun 2, 2023
    risk 0.00cvss epss 0.01

    A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User Profile Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been…

  • CVE-2020-22807Apr 29, 2021
    risk 0.00cvss epss 0.01

    An issue was dicovered in vtiger crm 7.2. Union sql injection in the calendar exportdata feature.

  • CVE-2020-35418Apr 14, 2021
    risk 0.00cvss epss 0.01

    Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4.196 by uploading a crafted svg file.

  • CVE-2020-35419Apr 14, 2021
    risk 0.00cvss epss 0.01

    Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LANGUAGE parameter.