Filter
-Infinity
0

Trending

Last week
Last month
Last year

Software

espocrm
29

EspoCRMEspoCRM Allows Potential Disclosure of Sensitive Information in the User Sorting Function

low
3.1
EPSS
0.03%
First published (updated )
CVE-2025-32789

EspoCRMEspoCRM allows unrestricted Embedding in Iframe dashlet

medium
5.3
EPSS
0.03%
First published (updated )
CVE-2025-32385

EspoCRMEspoCRM weakness in "Forgot password"

medium
5.9
EPSS
0.04%
First published (updated )
CVE-2024-24818

EspoCRMServer-Side Request Forgery in espocrm

medium
6.5
First published (updated )
CVE-2023-46736

EspoCRMUnrestricted Upload of File with Dangerous Type in EspoCRM

critical
9.1
EPSS
0.06%
First published (updated )
CVE-2023-5966

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

EspoCRMUnrestricted Upload of File with Dangerous Type in EspoCRM

critical
9.1
EPSS
0.06%
First published (updated )
CVE-2023-5965

EspoCRMMalicious File Upload

high
8.8
First published (updated )
CVE-2022-38843

EspoCRMCSV Injection in Create Contacts in EspoCRM 7.1.8 allows remote authenticated users to run system co…

high
8
First published (updated )
CVE-2022-38844

EspoCRMXSS

medium
6.1
First published (updated )
CVE-2022-38845

EspoCRMEspoCRM version 7.1.8 is vulnerable to Missing Secure Flag allowing the browser to send plain text c…

medium
5.9
First published (updated )
CVE-2022-38846

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

EspoCRMEspoCRM Avatar Persistent XSS

medium
6.3
First published (updated )
CVE-2021-3539

EspoCRMXSS

medium
5.4
First published (updated )
CVE-2019-14547

EspoCRMXSS

medium
5.4
First published (updated )
CVE-2019-14548

EspoCRMXSS

medium
5.4
First published (updated )
CVE-2019-14546

EspoCRMXSS

medium
5.4
First published (updated )
CVE-2019-14550

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

EspoCRMXSS

medium
5.4
First published (updated )
CVE-2019-14549

EspoCRMEspoCRM 5.6.4 is vulnerable to user password hash enumeration. A malicious authenticated attacker ca…

high
8.8
First published (updated )
CVE-2019-14351

EspoCRMXSS

medium
6.1
First published (updated )
CVE-2019-14350

EspoCRMXSS

medium
6.1
First published (updated )
CVE-2019-14349

EspoCRMXSS

medium
6.1
First published (updated )
CVE-2019-14331

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

EspoCRMXSS

medium
6.1
First published (updated )
CVE-2019-14330

EspoCRMXSS

medium
6.1
First published (updated )
CVE-2019-14329

EspoCRMXSS

medium
6.1
First published (updated )
CVE-2019-13643

EspoCRMXSS

medium
5.4
First published (updated )
CVE-2018-17301

EspoCRMXSS

medium
5.4
First published (updated )
CVE-2018-17302

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

EspoCRMinstall/index.php in EspoCRM before 2.6.0 allows remote attackers to re-install the application via …

medium
5
First published (updated )
CVE-2014-7986

EspoCRMXSS

medium
4.3
First published (updated )
CVE-2014-7987

EspoCRMPath Traversal

critical
10
First published (updated )
CVE-2014-7985

EspoCRMXSS

low
3.5
First published (updated )
CVE-2014-8330

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203