Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

OpenVAS
OpenVASadded 2006/03/26 12:0 a.m.22 views

SugarCRM <= 4.0 beta Remote File Inclusion Vulnerability

The version of SugarCRM installed on the remote host does not properly sanitize user input in the SPDX-FileCopyrightText: 2005 Ferdy Riphagen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.5CVSS6.5AI score0.07328EPSS
Exploits2References3
Tenable Nessus
Tenable Nessusadded 2005/12/10 12:0 a.m.33 views

SugarCRM <= 4.0 beta acceptDecline.php Remote File Inclusion

SugarCRM is a Customer Relationship Manager written in PHP. The version of SugarCRM installed on the remote host does not properly sanitize user input in the 'beanFiles' parameter in the 'acceptDecline.php' file. A attacker can use this flaw to display sensitive information and to include malicio...

7.5CVSS5.8AI score0.07328EPSS
Exploits2References4
Cvelist
Cvelistadded 2005/12/08 11:0 a.m.22 views

CVE-2005-4086

Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management SugarCRM 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter...

6.7AI score0.07328EPSS
Exploits1References6
CVE
CVEadded 2005/12/08 11:0 a.m.49 views

CVE-2005-4086

SugarCRM

5CVSS6.7AI score0.07328EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder