Lucene search
K

CVE-2004-1227

🗓️ 15 Dec 2004 05:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 78 Views🌐 WEB

Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to read arbitrary files and possibly execute arbitrary PHP code

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
Cvelist
CVE-2004-1227
15 Dec 200405:00
cvelist
EUVD
EUVD-2004-1224
7 Oct 202500:30
euvd
NVD
CVE-2004-1227
10 Jan 200505:00
nvd
Packet Storm
Hardened-PHP Project Security Advisory 2005-23.105
30 Nov 200500:00
packetstorm
securityvulns
[Full-disclosure] Advisory 23/2005: vTiger multiple vulnerabilities
25 Nov 200500:00
securityvulns
NVD
Node
sugarcrmsugar_salesRange2.0.1c
ParameterPositionPathDescriptionCWE
actionquery paramindex.phpDirectory traversal/remote file inclusion style vectors via dot-dot sequences in index.php parameters (e.g., action, module, or record)CWE-22
modulequery paramindex.phpDirectory traversal/remote file inclusion style vectors via dot-dot sequences in index.php parameters (e.g., action, module, or record)CWE-22
recordquery paramindex.phpDirectory traversal/remote file inclusion style vectors via dot-dot sequences in index.php parameters (e.g., action, module, or record)CWE-22
themequery paramLogin.phpDirectory traversal/vector via the theme parameter to Login.phpCWE-22
paramspathindex.php/%22%3E%3Cscript%3Ealert('xss')%3C/script%3E/?[params]Path-based injection example using dot-dot/encoded characters in path to trigger script execution or XSSCWE-22

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Jun 2026 22:07Current
7.5High risk
Vulners AI Score7.5
CVSS 210
EPSS0.04155
78