cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2019-0368,https://securityvulnerability.io/vulnerability/CVE-2019-0368,,"SAP Customer Relationship Management (Email Management), versions: S4CRM before 1.0 and 2.0, BBPCRM before 7.0, 7.01, 7.02, 7.12, 7.13 and 7.14, does not sufficiently encode user-controlled inputs within the mail client resulting in Cross-Site Scripting vulnerability.",SAP,"SAP Customer Relationship Management (email Management - S4crm),SAP Customer Relationship Management (email Management - Bbpcrm)",5.4,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2019-10-08T19:17:44.000Z,0
CVE-2017-15296,https://securityvulnerability.io/vulnerability/CVE-2017-15296,,The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964.,SAP,Customer Relationship Management,8.8,HIGH,0.0007099999929778278,false,false,false,false,,false,false,2017-10-16T16:00:00.000Z,0
CVE-2017-15294,https://securityvulnerability.io/vulnerability/CVE-2017-15294,,The Java administration console in SAP CRM has XSS. This is SAP Security Note 2478964.,SAP,Customer Relationship Management,6.1,MEDIUM,0.0010499999625608325,false,false,false,false,,false,false,2017-10-16T16:00:00.000Z,0
CVE-2015-3979,https://securityvulnerability.io/vulnerability/CVE-2015-3979,,"Unspecified vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary code via unknown vectors, aka SAP Security Note 2097534.",SAP,Customer Relationship Management,,,0.013129999861121178,false,false,false,false,,false,false,2015-05-12T20:00:00.000Z,0
CVE-2015-3980,https://securityvulnerability.io/vulnerability/CVE-2015-3980,,"SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2097534.",SAP,Customer Relationship Management,,,0.001339999958872795,false,false,false,false,,false,false,2015-05-12T20:00:00.000Z,0
CVE-2014-8661,https://securityvulnerability.io/vulnerability/CVE-2014-8661,,The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified vectors.,SAP,Customer Relationship Management Internet Sales,,,0.0074800001457333565,false,false,false,false,,false,false,2014-11-06T15:55:00.000Z,0
CVE-2014-8669,https://securityvulnerability.io/vulnerability/CVE-2014-8669,,The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM allows remote attackers to execute arbitrary code via unspecified vectors.,SAP,Customer Relationship Management,,,0.05463999882340431,false,false,false,false,,false,false,2014-11-06T15:55:00.000Z,0
CVE-2014-1962,https://securityvulnerability.io/vulnerability/CVE-2014-1962,,"Gwsync in SAP CRM 7.02 EHP 2 allows remote attackers to obtain sensitive information via unspecified vectors, related to an XML External Entity (XXE) issue.",SAP,Customer Relationship Management,,,0.0035000001080334187,false,false,false,false,,false,false,2014-02-14T15:00:00.000Z,0
CVE-2013-7095,https://securityvulnerability.io/vulnerability/CVE-2013-7095,,The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue.,SAP,Customer Relationship Management,,,0.005090000107884407,false,false,false,false,,false,false,2013-12-13T19:00:00.000Z,0