Oretnom23 Simple Customer Relationship Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Oretnom23 Simple Customer Relationship Management System.
By the Year
In 2026 there have been 0 vulnerabilities in Oretnom23 Simple Customer Relationship Management System. Simple Customer Relationship Management System did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 2 | 0.00 |
| 2023 | 13 | 8.69 |
It may take a day or so for new Simple Customer Relationship Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Oretnom23 Simple Customer Relationship Management System Security Vulnerabilities
SourceCodester Simple CRM 1.0 SQLi in get-quote.php Code Exec
CVE-2023-24204
- May 14, 2024
SQL injection vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitrary code via the name parameter in get-quote.php.
XSS in SourceCodester SCMS v1.0 via 'company' query parameters
CVE-2023-24203
- May 14, 2024
Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query parameter(s).
SQLi in Simple CRM 1.0 via Profile Update name param
CVE-2023-24655
9.8 - Critical
- March 23, 2023
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Profile Update function.
SQL Injection
SQLi in SCMRMS v1.0 user profile update via gender param
CVE-2023-24732
8.8 - High
- March 15, 2023
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the gender parameter in the user profile update function.
SQL Injection
SQLi via query param in SCMR v1.0 user profile update
CVE-2023-24731
8.8 - High
- March 15, 2023
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the query parameter in the user profile update function.
SQL Injection
SQLi in Simple CRM v1.0 via company param in User Profile Update
CVE-2023-24730
8.8 - High
- March 15, 2023
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the company parameter in the user profile update function.
SQL Injection
SQL Injection in Simple Customer Relationship Management System v1.0 via address param
CVE-2023-24729
8.8 - High
- March 15, 2023
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the address parameter in the user profile update function.
SQL Injection
SQLi via contact parameter in Simple CRM v1.0
CVE-2023-24728
8.8 - High
- March 15, 2023
Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the contact parameter in the user profile update function.
SQL Injection
SQLi in Simple CRM v1.0 via Create Ticket subject param
CVE-2023-24656
8.8 - High
- February 27, 2023
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function.
SQL Injection
SQLi in Simple CRM v1.0 via Request a Quote name param
CVE-2023-24654
8.8 - High
- February 27, 2023
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Request a Quote function.
SQL Injection
SQL Injection via oldpass in Simple CRM v1.0 Change Password
CVE-2023-24653
8.8 - High
- February 27, 2023
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the oldpass parameter under the Change Password function.
SQL Injection
Simple CRM v1.0 SQLi via Description param in Create Ticket
CVE-2023-24652
8.8 - High
- February 27, 2023
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function.
SQL Injection
Simple CRM v1.0 SQLi via name param on register page
CVE-2023-24651
5.4 - Medium
- February 27, 2023
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter on the registration page.
XSS
SQLi in Simple CRM System v1.0 Admin Panel username parameter
CVE-2023-24364
8.8 - High
- February 27, 2023
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter under the Admin Panel.
SQL Injection
SQLi in SourceCodester SCRM 1.0 login.php via Password arg
CVE-2023-0917
9.8 - Critical
- February 19, 2023
A vulnerability, which was classified as critical, was found in SourceCodester Simple Customer Relationship Management System 1.0. This affects an unknown part of the file /php-scrm/login.php. The manipulation of the argument Password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221493 was assigned to this vulnerability.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oretnom23 Simple Customer Relationship Management System or by Oretnom23? Click the Watch button to subscribe.
