Vulnerabilities (CVE)

Filtered by vendor F-revocrm Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-41150 1 F-revocrm 1 F-revocrm 2024-11-21 N/A 5.4 MEDIUM
F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product.
CVE-2023-41149 1 F-revocrm 1 F-revocrm 2024-11-21 N/A 9.8 CRITICAL
F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running.
CVE-2019-6036 1 F-revocrm 1 F-revocrm 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in F-RevoCRM 6.0 to F-RevoCRM 6.5 patch6 (version 6 series) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.