Vulnerabilities > Perfexcrm

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-15	CVE-2024-8867	Cross-site Scripting vulnerability in Perfexcrm Perfex CRM 3.1.6 A vulnerability was found in Perfex CRM 3.1.6. network low complexity perfexcrm CWE-79	5.4
2024-09-11	CVE-2024-44851	Cross-site Scripting vulnerability in Perfexcrm Perfex CRM 1.1.0 A stored cross-site scripting (XSS) vulnerability in the Discussion section of Perfex CRM v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter. network low complexity perfexcrm CWE-79	5.4
2022-11-08	CVE-2021-40303	Cross-site Scripting vulnerability in Perfexcrm Perfex CRM 1.10 perfex crm 1.10 is vulnerable to Cross Site Scripting (XSS) via /clients/profile. network low complexity perfexcrm CWE-79	5.4
2021-10-22	CVE-2020-28961	Cross-site Scripting vulnerability in Perfexcrm Perfex CRM 2.4.4 Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component ./clients/client via the company name parameter. network low complexity perfexcrm CWE-79	5.4
2018-01-26	CVE-2017-17976	Unrestricted Upload of File with Dangerous Type vulnerability in Perfexcrm Perfex CRM 1.9.7 In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution. network low complexity perfexcrm CWE-434 critical	9.8

Vulnerabilities > Perfexcrm {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Perfexcrm"}]}