Customer Relationship Management
Approved changes feed: RSS · Atom
cpe:2.3:a:07fly:customer_relationship_management:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | 07Fly (f2b08433-4d69-5b6b-adde-07d95d0a1c29) |
|---|---|
| Product | Customer Relationship Management (86aabedc-9aca-5de6-a87b-ffe43029ccd2) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-7078 |
vulnerable | 2026-06-08 07:43:17.980650 |
07FLYCMS/07FLY-CMS/07FlyCRM cross-site request forgery
MEDIUM (4.3)
A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is published under multiple names. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-07-06T08:32:05.396Z
Updated: 2025-07-07T16:21:20.599Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9904 |
vulnerable | 2026-06-08 07:00:28.881376 |
07FLYCMS/07FLY-CMS/07FlyCRM pictureUpload unrestricted upload
MEDIUM (4.7)
A vulnerability classified as critical was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This vulnerability affects the function pictureUpload of the file /admin/File/pictureUpload. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The affected product is known with different names like 07FLYCMS, 07FLY-CMS, and 07FlyCRM. It was not possible to reach out to the vendor before assigning a CVE due to a not working mail address.
Published: 2024-10-13T01:31:04.358Z
Updated: 2024-10-15T14:28:47.424Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9903 |
vulnerable | 2026-06-08 07:00:28.880458 |
07FLYCMS/07FLY-CMS/07FlyCRM fileUpload unrestricted upload
MEDIUM (4.7)
A vulnerability classified as critical has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This affects the function fileUpload of the file /admin/File/fileUpload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The affected product is known with different names like 07FLYCMS, 07FLY-CMS, and 07FlyCRM. It was not possible to reach out to the vendor before assigning a CVE due to a not working mail address.
Published: 2024-10-12T23:00:06.275Z
Updated: 2024-10-15T14:38:20.692Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-3058 |
vulnerable | 2026-06-08 06:09:38.407795 |
07FLY CRM User Profile cross site scripting
LOW (3.5)
A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code of the component User Profile Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230560.
Published: 2023-06-02T13:00:04.613Z
Updated: 2025-01-08T17:57:52.617Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.