Product
sap customer relationship management
19 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-7078
CVE-2024-57161
CVE-2024-57160
CVE-2024-9904
CVE-2024-9903
CVE-2024-9856
CVE-2024-9855
CVE-2023-5020
CVE-2023-3058
CVE-2023-27897
CVE-2021-33676
CVE-2018-2380
CVE-2017-15296
CVE-2017-15294
CVE-2015-3980
CVE-2015-3979
CVE-2014-8669
CVE-2014-1962
CVE-2013-7095
<= 1.3.9
A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects un
all versions
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/edit.html
all versions
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaTask/edit.html.
>= 1.0.0 and <= 1.2.0
A vulnerability classified as critical was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This vulnerability affects the f
>= 1.0.0 and <= 1.2.0
A vulnerability classified as critical has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This affects the function f
all versions
A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is s
all versions
A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as critical. Affected by this vulnerabil
all versions
A vulnerability, which was classified as critical, has been found in 07FLY CRM V2. This issue affects some unknown processing of t
<= 1.2.0
A vulnerability was found in 07FLY CRM up to 1.2.0. It has been declared as problematic. This vulnerability affects unknown code o
all versions
In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote
all versions
A missing authority check in SAP CRM, versions - 700, 701, 702, 712, 713, 714, could be leveraged by an attacker with high privile
all versions
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by
all versions
The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964.
all versions
The Java administration console in SAP CRM has XSS. This is SAP Security Note 2478964.
all versions
SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL comm
all versions
Unspecified vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary code via u
all versions
The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM allows remote attackers to execute arbitrary code via unspec
all versions
Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML Ex
all versions
The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors rela