Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2022-46610

Disclosure Date: January 10, 2023 (last updated February 24, 2025)
72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-37181

Disclosure Date: August 24, 2022 (last updated February 24, 2025)
72crm 9.0 has an Arbitrary file upload vulnerability.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-37178

Disclosure Date: August 24, 2022 (last updated February 24, 2025)
An issue was discovered in 72crm 9.0. There is a SQL Injection vulnerability in View the task calendar.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0