Xrms Crm Project Xrms Crm — known CVE vulnerabilities
Every CVE whose affected-product data names Xrms Crm Project Xrms Crm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
- CVE-2014-5520 — CVSS 7.5 (high): SQL injection vulnerability in XRMS CRM, possibly 1.99.2, allows remote attackers to execute arbitrary SQL commands via the user_id…
- CVE-2014-5521 — CVSS 6.5 (medium): plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell…