Creativeitem Ekushey Project Manager vulnerabilities
2 known vulnerabilities affecting creativeitem/ekushey_project_manager.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2018-18417P4MEDIUMCVSS 5.4PoCv3.12018-10-19
CVE-2018-18417 [MEDIUM] CWE-79 CVE-2018-18417: In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been discovered in the input and u
In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been discovered in the input and upload sections, as demonstrated by the name parameter to the index.php/admin/client/create URI.
nvd
CVE-2023-3754P4MEDIUMCVSS 6.1v5.02023-07-19
CVE-2023-3754 [MEDIUM] CWE-79 CVE-2023-3754: A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Mana
A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/message_read/xxxxxxxx[random-msg-hash]. The manipulation of the argument message leads to cross site scripting. It is possible to launch the attack remotely. VDB-234426 is
nvd