Every CVE whose affected-product data names Fit2cloud Cordys Crm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2025-70981 — CVSS 9.8 (critical): CordysCRM 1.4.1 is vulnerable to SQL Injection in the employee list query interface (/user/list) via the departmentIds parameter.