Vulnerabilities > Espocrm > Espocrm > 1.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-28 | CVE-2019-14330 | Cross-site Scripting vulnerability in Espocrm An issue was discovered in EspoCRM before 5.6.6. | 4.3 |
| 2019-07-28 | CVE-2019-14329 | Cross-site Scripting vulnerability in Espocrm An issue was discovered in EspoCRM before 5.6.6. | 4.3 |
| 2019-07-18 | CVE-2019-13643 | Cross-site Scripting vulnerability in Espocrm Stored XSS in EspoCRM before 5.6.4 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. | 4.3 |
| 2014-10-31 | CVE-2014-7987 | Cross-Site Scripting vulnerability in Espocrm Cross-site scripting (XSS) vulnerability in EspoCRM before 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the desc parameter in an errors action to install/index.php. | 4.3 |
| 2014-10-31 | CVE-2014-7986 | Permissions, Privileges, and Access Controls vulnerability in Espocrm install/index.php in EspoCRM before 2.6.0 allows remote attackers to re-install the application via a 1 value in the installProcess parameter. | 5.0 |
| 2014-10-31 | CVE-2014-7985 | Path Traversal vulnerability in Espocrm Directory traversal vulnerability in EspoCRM before 2.6.0 allows remote attackers to include and execute arbitrary local files via a .. | 10.0 |