Posted by Cyber Security Research Group via Fulldisclosure on Jan 03

Title
=========================
Multiple vulnerabilities found in Rock RMS including RCE and account takeover. A total of three CVEs were issued for
the vulnerabilities (CVE-2019-18641, CVE-2019-18642, CVE-2019-18643)

Product Description
=========================
Rock RMS is an open source CRM. Although the product is free, they request a paid subscription based on number of
users. In some cases, early access to patches require a paid…
– Read More – Full Disclosure