Perfexcrm Perfex_crm

13 CVEs affecting Perfexcrm Perfex_crm. Latest disclosed: 2025-09-29. Critical: 1, High: 0.

Top CVEs affecting Perfexcrm Perfex_crm
CVESeverityScorePublishedSummary
CVE-2017-17976Critical9.82018-01-26In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution.
CVE-2025-10346Medium6.12025-09-29HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST requ…
CVE-2025-10345Medium6.12025-09-29HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST requ…
CVE-2025-10344Medium6.12025-09-29HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST requ…
CVE-2025-10343Medium6.12025-09-29HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST requ…
CVE-2025-10342Medium6.12025-09-29HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST requ…
CVE-2025-10341Medium6.12025-09-29HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST requ…
CVE-2024-44851Medium5.42024-09-11A stored cross-site scripting (XSS) vulnerability in the Discussion section of Perfex CRM v1.1.0 allows attackers to execute arbitrary web scripts or HTML via…
CVE-2021-40303Medium5.42022-11-08perfex crm 1.10 is vulnerable to Cross Site Scripting (XSS) via /clients/profile.
CVE-2020-28961Medium5.42021-10-22Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component ./clients/client via the company name parameter.
CVE-2025-3219Low3.52025-04-04A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/pr…
CVE-2025-2974Low3.52025-03-31A vulnerability has been found in CodeCanyon Perfex CRM up to 3.2.1 and classified as problematic. This vulnerability affects unknown code of the file /contrac…
CVE-2024-8867Low3.52024-09-15A vulnerability was found in Perfex CRM 3.1.6. It has been declared as problematic. This vulnerability affects unknown code of the file application/controllers…