Thinkingreed Inc F-Revocrm vulnerabilities
3 known vulnerabilities affecting thinkingreed_inc/f-revocrm.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2023-41149P2CRITICALCVSS 9.8vversion7.3.7 and version7.3.8 2023-09-06
CVE-2023-41149 [CRITICAL] CWE-78 CVE-2023-41149: F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vuln
F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running.
nvd
CVE-2023-41150P4MEDIUMCVSS 5.4v7.3 series prior to version7.3.82023-09-06
CVE-2023-41150 [MEDIUM] CWE-79 CVE-2023-41150: F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vu
F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product.
nvd
CVE-2019-6036P4MEDIUMCVSS 6.1v6.0 to F-RevoCRM 6.5 patch6 (version 6 series)2020-01-27
CVE-2019-6036 [MEDIUM] CWE-79 CVE-2019-6036: Cross-site scripting vulnerability in F-RevoCRM 6.0 to F-RevoCRM 6.5 patch6 (version 6 series) allow
Cross-site scripting vulnerability in F-RevoCRM 6.0 to F-RevoCRM 6.5 patch6 (version 6 series) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd