CVE-2012-0694

SugarCRM CE = 6.3.1 contains scripts that use "unserialize" with user controlled input which allows remote attackers to execute arbitrary PHP code...

CVE-2012-0694

CVE-2012-0694 affects SugarCRM Community Edition

SugarCRM <= 6.3.1 unserialize() PHP Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

SugarCRM CE &lt;= 6.3.1 &quot;unserialize()&quot; PHP代码执行漏洞

CVECAN ID: CVE-2012-0694 SugarCRM是开源的客户关系管理系统。 SugarCRM 6.4.0在"unserialize"的实现上存在安全漏洞，通过"SugarTheme"类的"destruct"方法的$REQUEST'currentquerybypage'输入变量传递临时序列化对象可导致执行任意PHP代码。 0 SugarCRM Community Edition = 6.3.1 厂商补丁： SugarCRM -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.sugarcrm.net/home/ ?p...

[CVE-2012-0694] SugarCRM CE &lt;= 6.3.1 &quot;unserialize&#40;&#41;&quot; PHP Code Execution

------------------------------------------------------- SugarCRM CE = 6.3.1 "unserialize" PHP Code Execution ------------------------------------------------------- author...........: Egidio Romano aka EgiX mail.............: n0b0d13satgmaildotcom software link....: http://www.sugarcrm.com/ -...

SugarCRM CE 6.3.1 - &#039;Unserialize()&#039; PHP Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'SugarCRM %q This module exploits a ph...

CVE-2012-0694

creationtimestamp| type| source ---|---|--- 2012-06-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/19403 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/sugarcrmunserializeexec.rb 2019-10-29 23:26:25+00:00...