X2engine X2crm Vulnérabilités

Chronologie

Version

5.0.04
5.0.14
5.0.24
5.0.34
5.0.44

Contre-mesures

Official Fix8
Temporary Fix0
Workaround0
Unavailable0
Not Defined2

Exploitabilité

High0
Functional0
Proof-of-Concept4
Unproven0
Not Defined6

Vecteur d'accès

Not Defined0
Physical0
Local0
Adjacent0
Network10

Authentification

Not Defined0
High0
Low4
None6

Interaction de l'utilisateur

Not Defined0
Required6
None4

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤42
≤54
≤60
≤70
≤84
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤44
≤52
≤60
≤72
≤82
≤90
≤100

VulDB

≤10
≤20
≤30
≤42
≤54
≤60
≤72
≤82
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤92
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Fournisseur

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 jour

<1k6
<2k0
<5k4
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k10
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter le volume du marché

🔴 CTI Activités

Affected Versions (52): 1.0, 1.0.1, 1.1, 1.2, 1.2.1, 1.2.2, 1.3, 1.3.1, 2.2.1, 2.5, 2.5.2, 2.7, 2.7.1, 2.7.2, 2.8, 2.8.1, 2.9, 2.9.1, 3.0, 3.0.1, 3.0.2, 3.1.1, 3.1.2, 3.2, 3.3, 3.3.1, 3.3.2, 3.4, 3.4.1, 5, 5.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.0.8, 5.1, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5, 6.6, 6.7, 6.8, 6.9, 7.0, 7.1

PubliéBaseTempVulnérabilité0dayAujourd'huiExpConCTICVE
15/04/20213.53.5X2Engine X2CRM activity cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2021-27288
15/04/20213.53.5X2engine X2CRM create cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-21088
15/04/20213.53.5X2Engine X2CRM Rename a Module Tool cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-21087
17/10/20177.57.2X2Engine X2CRM File Upload ProfileController.php actionUploadPhoto elévation de privilèges$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2014-2664
29/09/20154.34.1X2Engine X2CRM cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2015-5076
29/09/20154.33.9X2Engine X2CRM create cross site request forgery$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2015-5075
29/09/20157.36.6X2Engine X2CRM PHT File FileUploadsFilter.php FileUploadsFilter Whitelist elévation de privilèges$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.04CVE-2015-5074
30/09/20134.33.9X2Engine X2CRM cross site scripting$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.06CVE-2013-5693
30/09/20138.87.9X2Engine X2CRM directory traversal$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.00CVE-2013-5692

plus d'entrées par X2engine

PrécédentAperçuSuivant

Might our Artificial Intelligence support you?

Check our Alexa App!