5.3
CVSS4.0
CVE-2025-10341 - HTML injection in Perfex CRM
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameterΒ 'company' at the endpointΒ '/clients/client/x.
π
Published: Sept. 29, 2025, 8:36 a.m.
π Last Modified: Oct. 2, 2025, 7:48 p.m.
8.8
CVSS4.0
CVE-2025-48006 -
Improper restriction of XML external entity reference issue exists in DataSpider Servista 4.4 and earlier. If a specially crafted request is processed, arbitrary files on the file system where the server application for the product is installed may be read, or a denial-of-service (DoS) condition maβ¦
π
Published: Sept. 29, 2025, 7:40 a.m.
π Last Modified: Oct. 14, 2025, 6:18 p.m.
0.0
CVE-2025-61631 -
Not used
π
Published: Sept. 29, 2025, 7:36 a.m.
π Last Modified: Sept. 30, 2025, 2:55 a.m.
0.0
CVE-2025-61633 -
Not used
π
Published: Sept. 29, 2025, 7:36 a.m.
π Last Modified: Sept. 30, 2025, 2:55 a.m.
0.0
CVE-2025-61630 -
Not used
π
Published: Sept. 29, 2025, 7:36 a.m.
π Last Modified: Sept. 30, 2025, 2:55 a.m.
0.0
CVE-2025-61629 -
Not used
π
Published: Sept. 29, 2025, 7:36 a.m.
π Last Modified: Sept. 30, 2025, 2:55 a.m.
0.0
CVE-2025-61632 -
Not used
π
Published: Sept. 29, 2025, 7:36 a.m.
π Last Modified: Sept. 30, 2025, 2:55 a.m.
0.0
CVE-2025-61626 -
Not used
π
Published: Sept. 29, 2025, 7:36 a.m.
π Last Modified: Sept. 30, 2025, 2:55 a.m.
0.0
CVE-2025-61628 -
Not used
π
Published: Sept. 29, 2025, 7:36 a.m.
π Last Modified: Sept. 30, 2025, 2:55 a.m.
0.0
CVE-2025-61627 -
Not used
π
Published: Sept. 29, 2025, 7:36 a.m.
π Last Modified: Sept. 30, 2025, 2:55 a.m.
Filters