Proactive Insights and Support For Open-Source Applications
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
Get Started
Book a demo
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
  • Home
  • Knowledge Base
  • Newsflash
  • Business and Enterprise Solutions
  • CRM

CRM

All OSSpediaArticlesHow ToNewsflashCase Studies
Don't Miss out!
Join our newsletter for exclusive updates on open source innovations.

    Selected category
    • Communication
      • Communication
    • Communication and Collaboration
      • Communication
    • Specialized Software
      • Educational
      • Graphic Design
    • Business and Enterprise Solutions
      • Productivity
      • Supply Chain Management (SCM)
      • CRM
      • E-commerce
      • CMS
      • Marketing Automation
      • ERP
    • Project and Agile Management
      • Project Management
      • IT Business Management
    • Infrastructure and Network
      • Networking
      • Storage
      • Security
    • DevOps
      • Mobile App Development
      • Backup and Recovery
      • Data Analytics
      • Web Development
      • Developer Stacks
      • Cloud Computing
      • Monitoring
      • Application Development
      • Developer Tools
    • Data Management and Analytics
      • Communication
      • Application Development
      • Analytics
      • Machine Learning
      • Database
      • Data Analytics
    16 Jan 2025 Business and Enterprise Solutions
    SuiteCRM: Arbitrary Database Field Recovery Vulnerability

    In SuiteCRM version 7.12.7 a high severity vulnerability CVE-2022-45186 was detected. This vulnerability allows authenticated users to recover arbitrary fields from the database. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2022-45186.

    Read more
    CRM
    14 Jan 2025 Business and Enterprise Solutions
    MonicaHQ: Client-Side Injection Vulnerability in General Information Module

    In MonicaHQ version 4.1.2 a medium severity vulnerability CVE-2024-54999 was detected. This vulnerability allows attackers to exploit a Client-Side Injection via the `last_name` parameter in the General Information module. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-54999.

    Read more
    CRM
    14 Jan 2025 Business and Enterprise Solutions
    MonicaHQ: Authenticated Client-Side Injection Vulnerability in Journal Entry Editing

    In MonicaHQ version 4.1.1 a medium severity vulnerability CVE-2024-54997 was detected. This vulnerability allows attackers to exploit an authenticated Client-Side Injection via the `entry` text field at `/journal/entries/ID/edit`. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-54997.

    Read more
    CRM
    6 Sep 2024 Business and Enterprise Solutions
    SuiteCRM: API Record Deletion Vulnerability

    In SuiteCRM versions 7.14.4 and 8.6.1 a high severity vulnerability CVE-2024-45392 was detected. This vulnerability allows attackers to delete records via the API due to insufficient access control checks. To fix this issue users must upgrade to versions 7.14.5 and 8.6.2. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-45392.

    Read more
    CRM
    21 Jun 2024 Business and Enterprise Solutions
    SuiteCRM: The vulnerability allows attackers to perform a server-side request forgery attack

    In SuiteCRM versions 7.14.4 and 8.6.1 a medium severity vulnerability CVE-2024-36414 was detected. This vulnerability allows attackers to perform a server-side request forgery attack. To address this issue, users must install the fix in the versions 7.14.4 and 8.6.1. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-36414/.

    Read more
    CRM
    21 Jun 2024 Business and Enterprise Solutions
    SuiteCRM: Import Module Flaw Enables XSS Attacks

    In SuiteCRM prior to versions 7.14.4 and 8.6.1, a medium severity vulnerability CVE-2024-36413 was detected. A weakness in the import module error view allows XSS attacks due to improper input sanitization. Versions 7.14.4 and 8.6.1 fix this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-36413.

    Read more
    CRM
    21 Jun 2024 Business and Enterprise Solutions
    SuiteCRMF: File Upload Vulnerability Enables Remote Code Execution

    In SuiteCRM versions prior to 7.14.4 and prior to 8.6.1 a high severity vulnerability CVE-2024-36415 was detected. This flaw in the product’s file upload system allows attackers to upload harmful files that can be executed, potentially compromising the system. This issue was resolved in versions 7.14.4 and 8.6.1. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-36415/.

    Read more
    CRM
    20 Jun 2024 Business and Enterprise Solutions
    SuiteCRM: Unverified IFrames Can Lead to Cross-Site Scripting Attacks

    In SuiteCRM versions 7.14.4 and 8.6.1 a critical severity vulnerability CVE-2024-36417 was detected. An unverified IFrame could enable a cross-site scripting attack by allowing harmful inputs to be served to users without proper security checks. Versions 7.14.4 and 8.6.1 contain a fix for this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-36417/.

    Read more
    CRM
    20 Jun 2024 Business and Enterprise Solutions
    SuiteCRM: Unchecked Inputs Enable Dangerous Redirects

    In SuiteCRM versions 7.14.4 and 8.6.1 a medium severity vulnerability CVE-2024-36406 was detected. Unchecked input in a web application can be exploited to redirect users to malicious sites, making phishing attacks easier. Versions 7.14.4 and 8.6.1 contain a fix for this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-36406/.

    Read more
    CRM
    Proactive Insights and Support For Open-Source Applications
    Contact us: Whatsapp
    Company
    • About Hossted
    • Data Processing Addendum
    Solutions
    • Applications
    • Support Plans
    • About Solution
    Resources
    • FAQ
    • Knowledge Base
    © HOSSTED 2025 All rights reserved
    • Privacy Policy
    • Terms and Conditions
    • Cookies Policy