Lucene search

CVE-2024-36415

🗓️ 10 Jun 2024 20:14:15Reported by GitHub_MType

Vulnerability in SuiteCRM file verification allows remote code execution

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2024-36415 SuiteCRM Improper Control of Filename for Include Statement in PHP and Unrestricted Upload of File with Dangerous content leads to authenticated remote code execution	10 Jun 202419:49	–	cvelist
OSV	BIT-SUITECRM-2024-36415	12 Jun 202407:37	–	osv
OSV	CVE-2024-36415	10 Jun 202420:15	–	osv
NVD	CVE-2024-36415	10 Jun 202420:15	–	nvd
Vulnrichment	CVE-2024-36415 SuiteCRM Improper Control of Filename for Include Statement in PHP and Unrestricted Upload of File with Dangerous content leads to authenticated remote code execution	10 Jun 202419:49	–	vulnrichment

Nvd

Vulners

Vulnrichment

Node

salesagility suitecrmRange<7.14.4

salesagility suitecrmRange8.0.0–8.6.1

[
  {
    "vendor": "salesagility",
    "product": "SuiteCRM",
    "versions": [
      {
        "version": "< 7.14.4",
        "status": "affected"
      },
      {
        "version": ">= 8.0.0, < 8.6.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/salesagility/SuiteCRM/security/advisories/GHSA-c82f-58jv-jfrh

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Jun 2024 20:15Current

9.3High risk

Vulners AI Score9.3

CVSS38.8 - 9.1

EPSS0.01143

SSVC