Lucene search

CVE-2024-36410 SuiteCRM authenticated SQL Injection in EmailUIAjax messages count controller

🗓️ 10 Jun 2024 17:08:24Reported by GitHub_MType

SuiteCRM authenticated SQL Injection in EmailUIAjax messages count controller prior to versions 7.14.4 and 8.6.

Reporter	Title	Published	Views	Family All 5
OSV	CVE-2024-36410	10 Jun 202418:15	–	osv
OSV	BIT-SUITECRM-2024-36410	12 Jun 202407:38	–	osv
Vulnrichment	CVE-2024-36410 SuiteCRM authenticated SQL Injection in EmailUIAjax messages count controller	10 Jun 202417:24	–	vulnrichment
CVE	CVE-2024-36410	10 Jun 202418:15	–	cve
NVD	CVE-2024-36410	10 Jun 202418:15	–	nvd

[
  {
    "vendor": "salesagility",
    "product": "SuiteCRM",
    "versions": [
      {
        "version": "< 7.14.4",
        "status": "affected"
      },
      {
        "version": ">= 8.0.0, < 8.6.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/salesagility/SuiteCRM/security/advisories/GHSA-7jj8-m2wj-m6xq

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Jun 2024 17:24Current

CVSS39.6

EPSS0.0005

CWE-89

suitecrm security sql injection