PT-2025-42159

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Commands Connectors configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, fr...

EUVD-2017-6010

Malware in sbrugna...

FreeBSD : sugarcrm -- multiple vulnerabilities (3b776502-f601-44e0-87cd-b63f1b9ae42a)

sugarcrm developers report : An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. Several areas have been identified in the Documents and Emails module that could allow an authenticated user to perform SQL injection...

CVE-2017-14509

An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. A remote file inclusion has been identified in the Connectors module allowing authenticated users to include remotely accessible system files via a...

Input validation

An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. A remote file inclusion has been identified in the Connectors module allowing authenticated users to include remotely accessible system files via a...

CVE-2017-14509

SugarCRM CVE-2017-14509 concerns a remote file inclusion in the Connectors module of SugarCRM (versions prior to 7.7.2.3, 7.8.x before 7.8.2.2, 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26) exploitable by authenticated users via module=CallRest&url= in the query string. The issue arise...

sugarcrm -- multiple vulnerabilities

sugarcrm developers report: An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. Several areas have been identified in the Documents and Emails module that could allow an authenticated user to perform SQL injection,...