Vulnerabilities > Vtenext

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-14	CVE-2020-10229	Cross-Site Request Forgery (CSRF) vulnerability in Vtenext 19 A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts. network low complexity vtenext CWE-352	8.8
2020-09-14	CVE-2020-10228	Unrestricted Upload of File with Dangerous Type vulnerability in Vtenext 19 A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution. network low complexity vtenext CWE-434	8.8
2020-09-14	CVE-2020-10227	Cross-site Scripting vulnerability in Vtenext 19 A cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email. network low complexity vtenext CWE-79	6.1

Vulnerabilities > Vtenext {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Vtenext"}]}