Phpgurukul

Small Crm

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2025-50484

Exploit
  • EPSS 0.04%
  • Veröffentlicht 28.07.2025 00:00:00
  • Zuletzt bearbeitet 07.08.2025 01:33:20

Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM v3.0 allows attackers to execute a session hijacking attack.

7.5

CVE-2025-5227

Exploit
  • EPSS 0.05%
  • Veröffentlicht 27.05.2025 03:00:09
  • Zuletzt bearbeitet 10.06.2025 15:43:19

A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets.php. The manipulation of the argument aremark leads to sql injection. The attack may be ini...

7.5

CVE-2025-5226

Exploit
  • EPSS 0.05%
  • Veröffentlicht 27.05.2025 02:31:08
  • Zuletzt bearbeitet 10.06.2025 15:43:41

A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-password.php. The manipulation of the argument oldpass leads to sql injection. The attack can be ...

5.4

CVE-2024-48170

  • EPSS 0.08%
  • Veröffentlicht 10.02.2025 18:15:26
  • Zuletzt bearbeitet 18.02.2025 20:15:19

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name in the profile.php.

9.8

CVE-2024-13001

  • EPSS 0.07%
  • Veröffentlicht 29.12.2024 03:15:07
  • Zuletzt bearbeitet 03.04.2025 12:35:17

A vulnerability was found in PHPGurukul Small CRM 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attac...

9.8

CVE-2024-13000

Exploit
  • EPSS 0.07%
  • Veröffentlicht 29.12.2024 03:15:05
  • Zuletzt bearbeitet 18.02.2025 19:02:13

A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/quote-details.php. The manipulation of the argument id leads to sql injection. The attack may be initiated...

9.8

CVE-2024-12999

Exploit
  • EPSS 0.06%
  • Veröffentlicht 29.12.2024 02:15:17
  • Zuletzt bearbeitet 18.02.2025 19:03:01

A vulnerability has been found in PHPGurukul Small CRM 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-user.php. The manipulation of the argument id leads to sql injection. The attack can be initiated r...

9.8

CVE-2024-3691

Exploit
  • EPSS 0.09%
  • Veröffentlicht 12.04.2024 16:15:40
  • Zuletzt bearbeitet 18.02.2025 19:04:33

A vulnerability, which was classified as critical, has been found in PHPGurukul Small CRM 3.0. Affected by this issue is some unknown functionality of the component Registration Page. The manipulation leads to sql injection. The attack may be launche...

8.8

CVE-2024-3690

Exploit
  • EPSS 3.52%
  • Veröffentlicht 12.04.2024 15:15:26
  • Zuletzt bearbeitet 18.02.2025 19:04:05

A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched rem...