CVE-2025-3568
- EPSS 0.01%
- Veröffentlicht 14.04.2025 13:31:04
- Zuletzt bearbeitet 26.06.2025 19:21:05
A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/settings/users/edit/ of the component SVG File Handler. The manipulation lead...
CVE-2024-45932
- EPSS 0.04%
- Veröffentlicht 07.10.2024 16:15:05
- Zuletzt bearbeitet 11.10.2024 13:21:12
Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting (XSS) via the organization name field in /admin/contacts/organizations/edit/2.
CVE-2024-46366
- EPSS 0.41%
- Veröffentlicht 27.09.2024 17:15:13
- Zuletzt bearbeitet 09.07.2025 17:57:50
A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to execute arbitrary client-side template code by injecting a malicious payload during the lead creation process. This can lead to privilege esca...
CVE-2024-46367
- EPSS 0.25%
- Veröffentlicht 27.09.2024 17:15:13
- Zuletzt bearbeitet 09.07.2025 17:41:49
A Stored Cross-Site Scripting (XSS) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to inject arbitrary JavaScript code by submitting a malicious payload within the username field. This can lead to privilege escalation when the paylo...
CVE-2023-2925
- EPSS 0.09%
- Veröffentlicht 27.05.2023 09:15:09
- Zuletzt bearbeitet 21.11.2024 07:59:34
A vulnerability, which was classified as problematic, was found in Webkul krayin crm 1.2.4. This affects an unknown part of the file /admin/contacts/organizations/edit/2 of the component Edit Person Page. The manipulation of the argument Organization...