CVE-2019-25664

SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the Users module DetailView action that allows authenticated attackers to manipulate database queries. Attackers can append SQL code to the record parameter in GET requests to the index.php endpoint to...

CVE-2019-25664

CVE-2019-25664 affects SuiteCRM 7.10.7. A time-based SQL injection exists in the Records parameter of the Users module DetailView, enabling authenticated attackers to influence database queries by appending SQL to the record parameter in GET requests to index.php. This can be used to extract sens...

SuiteCRM SQL注入漏洞

SuiteCRM is a customer relationship management system developed by the SuiteCRM team. Version 7.10.7 of SuiteCRM has a SQL injection vulnerability. This vulnerability stems from the record parameter in the DetailView operation of the Users module, which involves time-based SQL injections. This...

PT-2026-30473

SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the Users module DetailView action that allows authenticated attackers to manipulate database queries. Attackers can append SQL code to the record parameter in GET requests to the index.php endpoint to...