Perfex Crm
Approved changes feed: RSS · Atom
cpe:2.3:a:codecanyon:perfex_crm:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Codecanyon (a6a90f23-b98d-5184-9eae-192ed15afa35) |
|---|---|
| Product | Perfex Crm (10c88eb4-f42b-50f3-9371-5d4c7bc49b50) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-7783 |
vulnerable | 2026-06-03 15:27:57.277830 |
CodeCanyon Perfex CRM Admin Kanban Endpoint AbstractKanban.php applySortQuery sql injection
MEDIUM (6.3)
A flaw has been found in CodeCanyon Perfex CRM up to 3.4.1. This vulnerability affects the function AbstractKanban::applySortQuery of the file application/services/AbstractKanban.php of the component Admin Kanban Endpoint. This manipulation of the argument this causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
Published: 2026-05-04T23:15:13.847Z
Updated: 2026-05-06T14:01:06.952Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-7782 |
vulnerable | 2026-06-03 15:27:57.277313 |
CodeCanyon Perfex CRM Tenant Clients.php project authorization
MEDIUM (6.3)
A vulnerability was detected in CodeCanyon Perfex CRM up to 3.4.1. This affects the function Clients::project of the file application/controllers/Clients.php of the component Tenant Handler. The manipulation of the argument ID results in authorization bypass. The attack may be performed from remote. The exploit is now public and may be used.
Published: 2026-05-04T22:30:18.897Z
Updated: 2026-05-05T14:06:57.794Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3219 |
vulnerable | 2026-06-03 15:01:04.042477 |
CodeCanyon Perfex CRM Project Discussions Module 2 cross site scripting
LOW (3.5)
A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-04-04T07:31:05.135Z
Updated: 2025-04-04T13:14:34.983Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2974 |
vulnerable | 2026-06-03 15:00:26.948284 |
CodeCanyon Perfex CRM Contracts contract cross site scripting
LOW (3.5)
A vulnerability has been found in CodeCanyon Perfex CRM up to 3.2.1 and classified as problematic. This vulnerability affects unknown code of the file /contract of the component Contracts. The manipulation of the argument content leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-31T03:31:05.880Z
Updated: 2025-03-31T16:04:34.258Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.