A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/settings/users/edit/ of the
A vulnerability was identified in givanz Vvveb up to 1.0.7.2. Affected by this issue is some unknown functionality of the component SVG File Handler. Such manipulation leads to cross site scripting. T
A vulnerability has been found in openDCIM 23.04. This vulnerability affects unknown code of the file /scripts/uploadifive.php of the component SVG File Handler. Such manipulation of the argument File
Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting (XSS) via the organization name field in /admin/contacts/organizations/edit/2.
CMS Made Simple 2.2.15 contains a stored cross-site scripting vulnerability that allows authenticated users with Content Manager access to inject malicious scripts through SVG file uploads. Attackers
A vulnerability, which was classified as problematic, was found in Control iD RH iD 25.2.25.0. This affects an unknown part of the file /v2/customerdb/person.svc/change_password of the component API H
A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the arg
A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities
Cross-Site Scripting (XSS) vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activitie
A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to execute arbitrary client-side template code by injecting a malicious payload during the lead
A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Pe
A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is some unknown functionality of the component dhcpcd Command Handler. The manipulat
A security vulnerability has been detected in funadmin up to 7.1.0-rc4. This vulnerability affects unknown code of the file app/backend/view/index/index.html of the component Backend Interface. The ma
An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x allows attackers to execute arbitrary code via uploading a crafted PHP file.
A vulnerability, which was classified as problematic, was found in HkCms up to 2.3.2.240702. This affects an unknown part of the file /index.php/search/index.html of the component Search. The manipula
A security flaw has been discovered in Total.js Flow up to 673ef9144dd25d4f4fd4fdfda5af27f230198924. The impacted element is an unknown function of the component SVG File Handler. Performing manipulat
A vulnerability, which was classified as problematic, has been found in ChurchCRM 5.16.0. Affected by this issue is some unknown functionality of the component Referer Handler. The manipulation leads
A vulnerability, which was classified as problematic, has been found in CMS Made Simple 2.2.21. This issue affects some unknown processing of the component Design Manager Module. The manipulation of t
A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG File Upload Handler. The m
A vulnerability was found in Bitwarden up to 2.25.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation
Page 1+ Next →