Lucene search
MitreCVELIST:CVE-2011-4833HistoryDec 15, 2011 - 2:00 a.m.
CVE-2011-4833
2011-12-1502:00:00
mitre
www.cve.org
Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 before 6.1.7, 6.2 before 6.2.4, 6.3 before 6.3.0RC3, and 6.4 before 6.4.0beta1 allow remote attackers to execute arbitrary SQL commands via the (1) where and (2) order parameters in a get_full_list action to index.php.
References
secunia.com/advisories/47011
securitytracker.com/id?1026369
www.osvdb.org/77459
www.securityfocus.com/archive/1/520685/100/0/threaded
www.sugarcrm.com/crm/support/bugs.html#issue_47800
www.sugarcrm.com/crm/support/bugs.html#issue_47805
www.sugarcrm.com/crm/support/bugs.html#issue_47806
www.sugarcrm.com/crm/support/bugs.html#issue_47839
exchange.xforce.ibmcloud.com/vulnerabilities/71586
www.htbridge.ch/advisory/sql_injection_in_sugarcrm.html
Related
cve
cve
CVE-2011-4833
2011-12-15 03:57:34
htbridge
htbridge
SQL Injection in SugarCRM
2011-10-05 00:00:00
prion
prion
Sql injection
2011-12-15 03:57:00
nvd
nvd
CVE-2011-4833
2011-12-15 03:57:34