MyITCRM suffers from a persistent cross site scripting vulnerability.
Free and Open source CRM Software for your Repairs and Servicing Business!
Proof of concept :
1 Goto http://demo.myitcrm.com/index.php?page=supplier:new&page_title=New%20Supplifr%20Page
2 Click on html refer screenshot
3 After that a new popup windows will open fill the field with xss payload "><img src=d onerror=confirm(/provensec/);>