SugarCRM REST deserialization vulnerability
Added: 09/23/2016 BID: 91413 Background SugarCRM is customer relationship management software written in PHP. Problem Improper use of the unserialize function inside the SugarRestSerialize.php script allows remote attackers to inject PHP objects, leading to arbitrary command execution. Resolution...