30 matches found
EUVD-2019-4195
Malware in sbrugna...
EUVD-2021-28867
Malicious code in bioql PyPI...
CVE-2019-14752
SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS...
BIT-SUITECRM-2020-8784
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 2 of 4...
BIT-SUITECRM-2020-8786
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 4 of 4...
BIT-SUITECRM-2020-8787
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted...
BIT-SUITECRM-2021-41869
SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation...
SuiteCRM Cross-Site Scripting Vulnerability
SuiteCRM is a customer relationship management system from the SuiteCRM Suitecrm team. SuiteCRM versions prior to 7.10.35, 7.11.x, and 7.12.x prior to 7.12.2 have a security vulnerability that could be exploited by an attacker to introduce arbitrary JavaScript via attachment upload...
CVE-2021-41869
SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation...
CVE-2021-41869
SuiteCRM 7.10.x prior to 7.10.33 and 7.11.x prior to 7.11.22 are vulnerable to privilege escalation. The corroborating sources list the affected ranges and confirm the fix versions: 7.10.33 and 7.11.22. Root cause details are not provided in the documents, and there is no exploitation status repo...
Siren Federate Security Vulnerability
Siren Federate is an application from Siren Ireland. It extends the Elasticsearch API to add high performance and scalable joins. A security vulnerability exists in Siren Federate that discloses user information across thread contexts when a low-privileged user and a high-privileged user execute...
CVE-2019-18785
Summary: CVE-2019-18785 affects SuiteCRM 7.10.x before 7.10.21 and 7.11.x before 7.11.9, due to mishandling of API access tokens and credentials. The available connected documents confirm the affected versions and the behavior but do not provide concrete technical details on root cause beyond tok...
CVE-2019-18782
SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 does not correctly implement the .htaccess protection mechanism...
SalesAgility SuiteCRM Input Validation Error Vulnerability
SalesAgility SuiteCRM is an enterprise-grade open source customer relationship management (CRM) suite. An input validation error vulnerability exists in SalesAgility SuiteCRM versions 7.10.x prior to 7.10.23 and 7.11.x prior to 7.11.11. An attacker could exploit the vulnerability to bypass securi...
CVE-2020-8787
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted...
CVE-2020-8787
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted...
CVE-2020-8783
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 1 of 4...
SQL injection
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 2 of 4...
CVE-2019-14454
SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation...
CVE-2019-14454
SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation...