| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-5005 | Shanghai Lingdang Information Technology Lingdang CRM index_event.php server-side request forgery | Shanghai Lingdang Information Technology | Lingdang CRM | High | 7.3 | 2025-09-09 16:32:06 | Deep Dive |
| CVE-2025-10114 | PHPGurukul Small CRM profile.php sql injection | PHPGurukul | Small CRM | High | 7.3 | 2025-09-09 00:32:07 | Deep Dive |
| CVE-2025-5993 | Path Traversal in ITCube CRM | ITCube Software | ITCube CRM | - | - | 2025-09-08 10:18:48 | Deep Dive |
| CVE-2025-10079 | PHPGurukul Small CRM get-quote.php sql injection | PHPGurukul | Small CRM | High | 7.3 | 2025-09-08 02:32:07 | Deep Dive |
| CVE-2025-9834 | PHPGurukul Small CRM registration.php cross site scripting | PHPGurukul | Small CRM | Low | 3.5 | 2025-09-02 21:02:11 | Deep Dive |
| CVE-2009-20010 | Dogfood CRM spell.php RCE | Dogfood CRM | Dogfood CRM | 中危 | - | 2025-08-30 13:47:05 | Deep Dive |
| CVE-2025-9140 | Shanghai Lingdang Information Technology Lingdang CRM tabdetail_moduleSave.php sql injection | Shanghai Lingdang Information Technology | Lingdang CRM | Medium | 6.3 | 2025-08-19 13:32:07 | Deep Dive |
| CVE-2025-7654 | Multiple Plugins By FunnelKit <= (Various Versions) - Authenticated (Contributor+) Sensitive Information Exposure to Privilege Escalation via Woofunnel Library | amans2k | FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce | High | 8.8 | 2025-08-19 07:26:28 | Deep Dive |
| CVE-2025-54684 | WordPress Integration for Contact Form 7 and Constant Contact Plugin plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability | CRM Perks | Integration for Contact Form 7 and Constant Contact | Medium | 5.9 | 2025-08-14 10:34:47 | Deep Dive |
| CVE-2025-54682 | WordPress Connector for Gravity Forms and Google Sheets Plugin plugin <= 1.2.4 - Cross Site Request Forgery (CSRF) Vulnerability | CRM Perks | Connector for Gravity Forms and Google Sheets | Medium | 5.4 | 2025-08-14 10:34:46 | Deep Dive |
| CVE-2025-54681 | WordPress Connector for Gravity Forms and Google Sheets Plugin plugin <= 1.2.4 - Open Redirection Vulnerability | CRM Perks | Connector for Gravity Forms and Google Sheets | Medium | 4.7 | 2025-08-14 10:34:45 | Deep Dive |
| CVE-2012-10059 | Dolibarr ERP/CRM Post-Auth OS Command Injection | Dolibarr Project | ERP/CRM | - | - | 2025-08-13 20:33:51 | Deep Dive |
| CVE-2025-8908 | Shanghai Lingdang Information Technology Lingdang CRM event.php sql injection | Shanghai Lingdang Information Technology | Lingdang CRM | Medium | 6.3 | 2025-08-13 13:02:07 | Deep Dive |
| CVE-2025-8345 | Shanghai Lingdang Information Technology Lingdang CRM yunzhijiaApi.php delete_user sql injection | Shanghai Lingdang Information Technology | Lingdang CRM | Medium | 6.3 | 2025-07-31 02:02:06 | Deep Dive |
| CVE-2025-8219 | Shanghai Lingdang Information Technology Lingdang CRM HTTP POST Request tabdetail_moduleSave_dxkp.php sql injection | Shanghai Lingdang Information Technology | Lingdang CRM | Medium | 6.3 | 2025-07-27 02:02:05 | Deep Dive |
| CVE-2025-5240 | CRM and Lead Management by vcita <= 2.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via type Parameter | vcita | CRM and Lead Management by vcita | Medium | 6.4 | 2025-07-22 01:44:27 | Deep Dive |
| CVE-2025-7915 | Chanjet CRM Login Page mailinactive.php sql injection | Chanjet | CRM | High | 7.3 | 2025-07-21 00:32:05 | Deep Dive |
| CVE-2025-7801 | BossSoft CRM HNDCBas_customPrmSearchDtl.jsp sql injection | BossSoft | CRM | High | 7.3 | 2025-07-18 18:44:05 | Deep Dive |
| CVE-2025-30758 | Oracle Siebel CRM 信息泄露漏洞 | Oracle Corporation | Siebel CRM End User | Medium | 5.3 | 2025-07-15 19:27:32 | Deep Dive |
| CVE-2025-30739 | Oracle E-Business Suite 安全漏洞 | Oracle Corporation | Oracle CRM Technical Foundation | Medium | 5.5 | 2025-07-15 19:25:57 | Deep Dive |