Show filters
15 Total Results
Displaying 1-10 of 15
Sort by:
Attacker Value
Very High

CVE-2021-43130

Disclosure Date: November 03, 2021 (last updated February 23, 2025)
An SQL Injection vulnerability exists in Sourcecodester Customer Relationship Management System (CRM) 1.0 via the username parameter in customer/login.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
2
1
Attacker Value
Unknown

CVE-2023-24655

Disclosure Date: March 23, 2023 (last updated October 08, 2023)
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Profile Update function.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-24732

Disclosure Date: March 15, 2023 (last updated October 08, 2023)
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the gender parameter in the user profile update function.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-24731

Disclosure Date: March 15, 2023 (last updated October 08, 2023)
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the query parameter in the user profile update function.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-24730

Disclosure Date: March 15, 2023 (last updated October 08, 2023)
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the company parameter in the user profile update function.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-24729

Disclosure Date: March 15, 2023 (last updated October 08, 2023)
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the address parameter in the user profile update function.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-24728

Disclosure Date: March 15, 2023 (last updated October 08, 2023)
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the contact parameter in the user profile update function.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-24656

Disclosure Date: February 27, 2023 (last updated October 08, 2023)
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-24654

Disclosure Date: February 27, 2023 (last updated October 08, 2023)
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Request a Quote function.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-24653

Disclosure Date: February 27, 2023 (last updated October 08, 2023)
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the oldpass parameter under the Change Password function.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
View More Topics  Next >