CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-29650

Malware in sbrugna...

9.8CVSS9AI score0.005EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-39804

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00459EPSS

Exploits2References3

RedhatCVE•added 2025/05/22 3:42 p.m.•5 views

CVE-2020-8802

SuiteCRM through 7.11.11 has Incorrect Access Control via actionsaveHTMLField Bean Manipulation...

9.8CVSS7AI score0.005EPSS

Exploits1References1

OSV•added 2024/03/06 11:10 a.m.•9 views

BIT-SUITECRM-2020-8802

SuiteCRM through 7.11.11 has Incorrect Access Control via actionsaveHTMLField Bean Manipulation...

9.8CVSS9.6AI score0.005EPSS

Exploits1References4

Packet Storm•added 2023/08/23 12:0 a.m.•492 views

SugarCRM 12.2.0 Bean Manipulation

------------------------------------------------------------------------ SugarCRM = 12.2.0 updateGeocodeStatus Bean Manipulation Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and...

8.8CVSS7.1AI score0.00459EPSS

Exploits2

OSV•added 2023/06/17 10:15 p.m.•1 views

CVE-2023-35809

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Bean Manipulation vulnerability has been identified in the REST API. By using a crafted request, custom PHP code can be injected through the REST API because of missing input validation. Regular user privileges...

8.8CVSS5.7AI score

Exploits0References3

ATTACKERKB•added 2023/06/17 10:15 p.m.•2 views

CVE-2023-35809

8.8CVSS5.6AI score0.00459EPSS

Exploits2References4

NVD•added 2023/06/17 10:15 p.m.•6 views

CVE-2023-35809

8.8CVSS8.7AI score0.00459EPSS

Exploits2References3

Prion•added 2023/06/17 10:15 p.m.•7 views

Input validation

6.5CVSS8.6AI score0.00459EPSS

Exploits2References3Affected Software1

Cvelist•added 2023/06/17 12:0 a.m.•12 views

CVE-2023-35809

8.8AI score0.00459EPSS

Exploits2References3

Positive Technologies•added 2023/06/17 12:0 a.m.•1 views

PT-2023-25326 · Sugarcrm · Sugarcrm Enterprise

Name of the Vulnerable Software and Affected Versions: SugarCRM Enterprise versions prior to 11.0.6 SugarCRM Enterprise versions 12.x prior to 12.0.3 Description: An issue has been identified in the REST API of SugarCRM, allowing for a Bean Manipulation vulnerability. This vulnerability can be...

8.8CVSS7.4AI score0.00459EPSS

Exploits2References7

OSV•added 2023/01/03 6:30 p.m.•34 views

GHSA-FPRR-RRM8-4534 Apache Dubbo vulnerable to remote code execution via Telnet Handler

Apache Dubbo is a Java based, open source RPC framework. Versions prior to 2.6.10 and 2.7.10 are vulnerable to pre-authorization remote code execution via arbitrary bean manipulation in the Telnet handler. The Dubbo main service port can be used to access a Telnet Handler which offers some basic...

9.8CVSS9.8AI score0.05859EPSS

Exploits1References3

Github Security Blog•added 2023/01/03 6:30 p.m.•32 views

Apache Dubbo vulnerable to remote code execution via Telnet Handler

9.8CVSS5.6AI score0.05859EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2023/01/03 12:0 a.m.•4 views

CVE-2021-32824 Regular expression Denial of Service in MooTools

Apache Dubbo is a java based, open source RPC framework. Versions prior to 2.6.10 and 2.7.10 are vulnerable to pre-auth remote code execution via arbitrary bean manipulation in the Telnet handler. The Dubbo main service port can be used to access a Telnet Handler which offers some basic methods t...

9.8CVSS10AI score0.05859EPSS

Exploits1References1

Positive Technologies•added 2021/06/26 12:0 a.m.•1 views

PT-2021-19956 · Apache · Apache Dubbo

Name of the Vulnerable Software and Affected Versions: Apache Dubbo versions prior to 2.6.10 and 2.7.10 Description: Apache Dubbo is a Java-based, open-source RPC framework. The issue concerns pre-auth remote code execution via arbitrary bean manipulation in the Telnet handler. The Dubbo main...

9.8CVSS9.8AI score0.05859EPSS

Exploits1References9

OSV•added 2020/02/13 4:15 p.m.•7 views

CVE-2020-8802

SuiteCRM through 7.11.11 has Incorrect Access Control via actionsaveHTMLField Bean Manipulation...

9.8CVSS7AI score

Exploits0References3

ATTACKERKB•added 2020/02/13 4:15 p.m.•1 views

CVE-2020-8802

SuiteCRM through 7.11.11 has Incorrect Access Control via actionsaveHTMLField Bean Manipulation...

9.8CVSS5.3AI score0.005EPSS

Exploits1References4

Prion•added 2020/02/13 4:15 p.m.•8 views

Information disclosure

SuiteCRM through 7.11.11 has Incorrect Access Control via actionsaveHTMLField Bean Manipulation...

7.5CVSS9.4AI score0.005EPSS

Exploits1References3Affected Software1

CVE•added 2020/02/13 3:13 p.m.•50 views

CVE-2020-8802

Summary (CVE-2020-8802) : SuiteCRM up to version 7.11.11 is affected by an Incorrect Access Control via the HomeController::action_saveHTMLField() bean manipulation, which can create or modify arbitrary beans. This enables potential second-order SQL injection or PHP object injection as described ...

9.8CVSS9.5AI score0.005EPSS

Exploits1References3Affected Software1

Packet Storm•added 2020/02/13 12:0 a.m.•151 views

SuiteCRM 7.11.11 Bean Manipulation

-------------------------------------------------------------------------- SuiteCRM = 7.11.11 actionsaveHTMLField Bean Manipulation Vulnerability -------------------------------------------------------------------------- - Software Link: https://suitecrm.com/ - Affected Versions: Version 7.11.11...

9.7AI score0.005EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by