10 matches found
Missing Authentication for Critical Function
Overview: keylime is a TPM-based key bootstrapping and system integrity measurement system for cloud. Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the registrar's TLS context being configured with ssl.CERT_OPTIONAL instead of requiring clien...
BIT-SUITECRM-2021-45041
SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resourceid and startdate...
PT-2022-16354 · Suitecrm · Suitecrm
Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.12.2 and 8.0.2. Description: The issue allows remote code execution. Authenticated users with access to the Scheduled Reports module can exploit this by leveraging PHP deserialization in the email recipients...
SuiteCRM Cross-Site Scripting Vulnerability
SuiteCRM is a customer relationship management system from the SuiteCRM Suitecrm team. SuiteCRM versions prior to 7.10.35, 7.11.x, and 7.12.x prior to 7.12.2 have a security vulnerability that could be exploited by an attacker to introduce arbitrary JavaScript via attachment upload...
SuiteCRM SQL Injection Vulnerability (CNVD-2021-102392)
SuiteCRM is a customer relationship management system from the SuiteCRM Suitecrm team. A security vulnerability exists in SuiteCRM versions prior to 7.12.2 and 8.0.0 that stems from allowing authenticated SQL injection. No details of the vulnerability are provided at this time...
CVE-2021-45041
SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resourceid and startdate...
PT-2021-24193 · Suitecrm · Suitecrm
Name of the Vulnerable Software and Affected Versions: SuiteCRM versions 7.12.2 and earlier, 8.x versions prior to 8.0.1. Description: The issue allows authenticated SQL injection via the Tooltips action in the Project module, involving resource id and start date. This can be exploited by...
CVE-2008-6265
Directory traversal vulnerability in portfolio/css.php in Cyberfolio 7.12.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter...
Cyberfolio <= 7.12.2 (css.php theme) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications. Cyberfolio <= 7.12.2 css.php theme Local File Inclusion Vulnerability...
Cyberfolio 7.12.2 - 'theme' Local File Inclusion
Discovered by dun \ dunatstrcpy.pl. Cyberfolio <= 7.12.2 Local File Inclusion Vulnerability. Script site: http://cyberfolio.org/ Download:...