CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-70981

CordysCRM 1.4.1 is vulnerable to SQL Injection in the employee list query interface (/user/list) via the departmentIds parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.2%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/Tomikun2/SQL-Injection-in-CordysCRM/blob/main/README.md

Products affected by CVE-2025-70981

Fit2cloud » Cordys Crm » Version: 1.4.1

cpe:2.3:a:fit2cloud:cordys_crm:1.4.1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved