EUVD-2019-7723

Malware in sbrugna...

CVE-2019-17310

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user...

SugarCRM PHP code injection vulnerability (CNVD-2019-34427)

SugarCRM is a set of open source customer relationship management software . A PHP code injection vulnerability exists in the Campaigns module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to execute arbitrary code...

CVE-2019-17310

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user...

CVE-2019-17310

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user...

CVE-2019-17310

CVE-2019-17310 affects SugarCRM (Campaigns module) prior to 8.0.4 and 9.x prior to 9.0.2. An Admin can inject PHP code due to input handling in Campaigns, enabling arbitrary code execution. Impact described as PHP code injection with potential for full system compromise; no exploit details provid...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 viewname parameter in a CalendarAjax action, 2 activitymode parameter in a DetailView action, 3 contactid and 4 parentid parameters in an...

CVE-2011-4670

Multiple cross-site scripting XSS vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 viewname parameter in a CalendarAjax action, 2 activitymode parameter in a DetailView action, 3 contactid and 4 parentid parameters in an...