Codecanyon Perfex Crm vulnerabilities
4 known vulnerabilities affecting codecanyon/perfex_crm.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2026-7782P3MEDIUMCVSS 6.3v3.4.0v3.4.12026-05-04
CVE-2026-7782 [MEDIUM] CWE-285 CVE-2026-7782: A vulnerability was detected in CodeCanyon Perfex CRM up to 3.4.1. This affects the function Clients
A vulnerability was detected in CodeCanyon Perfex CRM up to 3.4.1. This affects the function Clients::project of the file application/controllers/Clients.php of the component Tenant Handler. The manipulation of the argument ID results in authorization bypass. The attack may be performed from remote. The exploit is now public and may be used.
nvd
CVE-2026-7783P3MEDIUMCVSS 6.3v3.4.0v3.4.12026-05-05
CVE-2026-7783 [MEDIUM] CWE-74 CVE-2026-7783: A flaw has been found in CodeCanyon Perfex CRM up to 3.4.1. This vulnerability affects the function
A flaw has been found in CodeCanyon Perfex CRM up to 3.4.1. This vulnerability affects the function AbstractKanban::applySortQuery of the file application/services/AbstractKanban.php of the component Admin Kanban Endpoint. This manipulation of the argument this causes sql injection. It is possible to initiate the attack remotely. The exploit has been pu
nvd
CVE-2025-3219P4MEDIUMCVSS 5.4v3.2.12025-04-04
CVE-2025-3219 [MEDIUM] CWE-79 CVE-2025-3219: A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Aff
A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been
nvd
CVE-2025-2974P4MEDIUMCVSS 5.4v3.2.0v3.2.12025-03-31
CVE-2025-2974 [MEDIUM] CWE-79 CVE-2025-2974: A vulnerability has been found in CodeCanyon Perfex CRM up to 3.2.1 and classified as problematic. T
A vulnerability has been found in CodeCanyon Perfex CRM up to 3.2.1 and classified as problematic. This vulnerability affects unknown code of the file /contract of the component Contracts. The manipulation of the argument content leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be
nvd