Vulnerabilities > Espocrm

DATE	CVE	VULNERABILITY TITLE	RISK
2014-10-31	CVE-2014-7986	Permissions, Privileges, and Access Controls vulnerability in Espocrm install/index.php in EspoCRM before 2.6.0 allows remote attackers to re-install the application via a 1 value in the installProcess parameter. network low complexity espocrm CWE-264	5.0
2014-10-31	CVE-2014-7985	Path Traversal vulnerability in Espocrm Directory traversal vulnerability in EspoCRM before 2.6.0 allows remote attackers to include and execute arbitrary local files via a .. network low complexity espocrm CWE-22 critical	10.0
2014-10-20	CVE-2014-8330	Cross-Site Scripting vulnerability in Espocrm Cross-site scripting (XSS) vulnerability in EspoCRM allows remote authenticated users to inject arbitrary web script or HTML via the Name field in a new account. network espocrm CWE-79	3.5

Vulnerabilities > Espocrm {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Espocrm"}]}