CVE-2018-6308

Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and below via the track parameter to modules\Campaigns\Tracker.php and modules\Campaigns\utils.php, the defaultcurrencyname parameter to modules\Configurator\controller.php and modules\Currencies\Currency.php, the duplicate...

CVE-2018-6308

Summary of CVE-2018-6308 : Multiple SQL injections affect SugarCRM Community Edition 6.5.26 and earlier. The injections occur via user-supplied input in the following parameters and locations: track (modules/Campaigns/Tracker.php and modules/Campaigns/utils.php); default_currency_name (modules/Co...