Lucene search
K

30 matches found

Cvelist
Cvelist
added 2019/10/07 3:3 p.m.15 views

CVE-2019-17308

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user...

8.9AI score0.01401EPSS
Exploits0References1
CVE
CVE
added 2019/10/07 3:3 p.m.48 views

CVE-2019-17308

SugarCRM is vulnerable to PHP code injection in the Emails module (affecting versions before 8.0.4 and 9.x before 9.0.2). The issue can be triggered by a Regular user due to inadequate input validation, enabling arbitrary code execution. Affected software: SugarCRM (core product) with Email handl...

8.8CVSS8.8AI score0.01401EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/10/07 2:55 p.m.38 views

CVE-2019-17319

CVE-2019-17319 affects SugarCRM before 8.0.4 and 9.x before 9.0.2, where a SQL injection flaw in the Emails module can be exploited by a Regular user. The connected sources concur on the product versions and vulnerable component (Emails module) and describe the underlying issue as SQL injection. ...

8.8CVSS9AI score0.01173EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/09/18 12:0 a.m.6 views

SugarCRM Documents and Emails Module SQL Injection Vulnerability

SugarCRM is the United States SugarCRM company's set of open source customer relationship management system CRM. Documents and Emails module is one of the modules. documents is a document management module. emails is an e-mail module. A SQL injection vulnerability exists in the Documents and Emai...

8.8CVSS8AI score0.0257EPSS
Exploits1References1
OSV
OSV
added 2017/09/17 9:29 p.m.3 views

CVE-2017-14508

An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. Several areas have been identified in the Documents and Emails module that could allow an authenticated user to perform SQL injection, as demonstrated by a...

8.8CVSS5.8AI score0.0257EPSS
Exploits1References3
Prion
Prion
added 2017/09/17 9:29 p.m.14 views

Sql injection

An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. Several areas have been identified in the Documents and Emails module that could allow an authenticated user to perform SQL injection, as demonstrated by a...

6.5CVSS8.8AI score0.0257EPSS
Exploits1References3Affected Software1
FreeBSD
FreeBSD
added 2017/09/17 12:0 a.m.15 views

sugarcrm -- multiple vulnerabilities

sugarcrm developers report: An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. Several areas have been identified in the Documents and Emails module that could allow an authenticated user to perform SQL injection,...

8.8CVSS7.7AI score0.05766EPSS
Exploits3References4
ATTACKERKB
ATTACKERKB
added 2009/06/22 2:30 p.m.5 views

CVE-2009-2146

Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition aka SugarCRM before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct...

6CVSS6.2AI score0.21465EPSS
Exploits2References5
UbuntuCve
UbuntuCve
added 2009/06/22 2:30 p.m.41 views

CVE-2009-2146

Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition aka SugarCRM before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct...

6CVSS6.2AI score0.21465EPSS
Exploits2References1
NVD
NVD
added 2009/06/22 2:30 p.m.27 views

CVE-2009-2146

Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition aka SugarCRM before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct...

6CVSS7.3AI score0.21465EPSS
Exploits2References4
Rows per page
Query Builder