AI Score
Confidence
High
EPSS
Percentile
91.2%
SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via add_to_prospect_list.
packetstormsecurity.com/files/156329/SuiteCRM-7.11.11-Broken-Access-Control-Local-File-Inclusion.html
seclists.org/fulldisclosure/2020/Feb/6
suitecrm.com