CVE-2017-5218
CVE-2017-5218 affects SageCRM 7.x before 7.3 SP3. The vulnerability lies in AP_DocumentUI.asp where Utilityfuncs.js assembles a SQL statement using a database variable that can be populated via the URL, enabling manipulation to access the underlying database. A proof-of-concept payload demonstrat...