Shodan
Vulnerabilities
Vulnerable Software
Perfexcrm:  >> Perfex Crm  >> 3.3.1  Security Vulnerabilities
CVE-2025-10345
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'address' at the endpoint 'admin/leads/lead'.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-09-29
CVE-2025-10346
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'subject' at the endpoint 'knoewledge_base/article'.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-09-29
CVE-2025-10342
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'name' at the endpoint '/subscriptions/create'.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-09-29
CVE-2025-10343
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'expense_name' at the endpoint '/expenses/expense'.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-09-29
CVE-2025-10344
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters 'name' and 'clientid' at the endpoint '/projects/project/x'.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-09-29
CVE-2025-10341
HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'company' at the endpoint '/clients/client/x.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-09-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved