Filtered by vendor Uab Lexita
Subscriptions
Filtered by product Panteracrm Cms
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-40531 | 1 Uab Lexita | 2 Panteracrm Cms, Patera Crm Cms | 2024-10-24 | 8.8 High |
A mass assignment vulnerability exists in Pantera CRM versions 401.152 and 402.072. This flaw allows authenticated users to modify any user attribute, including roles, by injecting additional parameters via profile management functions. | ||||
CVE-2024-40530 | 1 Uab Lexita | 1 Panteracrm Cms | 2024-08-28 | 9.8 Critical |
A vulnerability in Pantera CRM versions 401.152 and 402.072 allows unauthorized attackers to bypass IP-based access controls by manipulating the X-Forwarded-For header. |
Page 1 of 1.