Vulnerabilities > Vtenext

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-14	CVE-2020-10229	Cross-Site Request Forgery (CSRF) vulnerability in Vtenext 19 A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts. network vtenext CWE-352	6.8
2020-09-14	CVE-2020-10228	Unrestricted Upload of File with Dangerous Type vulnerability in Vtenext 19 A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution. network low complexity vtenext CWE-434	6.5
2020-09-14	CVE-2020-10227	Cross-site Scripting vulnerability in Vtenext 19 A cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email. network vtenext CWE-79	4.3

Vulnerabilities > Vtenext {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Vtenext"}]}