Every CVE whose affected-product data names Xrms Xrms Crm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2008-3948 — CVSS 7.5 (high): SQL injection vulnerability in admin/users/self-2.php in XRMS allows remote attackers to execute arbitrary SQL commands and modify name and…
CVE-2008-3399 — CVSS 6.8 (medium): PHP remote file inclusion vulnerability in activities/workflow-activities.php in XRMS CRM 1.99.2, when register_globals is enabled, allows…
CVE-2008-3400 — CVSS 4.3 (medium): XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request to tests/info.php, which calls the phpinfo…
CVE-2008-3664 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in XRMS allow remote attackers to inject arbitrary web script or HTML via (1) the real…
CVE-2008-3398 — CVSS 2.6 (low): Multiple cross-site scripting (XSS) vulnerabilities in XRMS CRM 1.99.2 allow remote attackers to inject arbitrary web script or HTML via…