Vtenext

vtenext

Vendor: Vtenext • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-10229 1Vtenext 1Vtenext Jun 17, 2026 Sep 14, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts.
CVE-2020-10228 1Vtenext 1Vtenext Jun 17, 2026 Sep 14, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution.
CVE-2020-10227 1Vtenext 1Vtenext Jun 17, 2026 Sep 14, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 A cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email.